We compared Abnormal Security and Darktrace based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparison between Abnormal Security and Darktrace, Abnormal Security offers easy setup and seamless integration with Office 365, whereas Darktrace's setup can be difficult and time-consuming. Abnormal Security specializes in catching spear phishing attacks and has AI-based spam filtering, while Darktrace focuses on detecting threats and vulnerabilities using AI-driven capabilities. Abnormal Security could improve by addressing email slip-through and finding more partnerships, whereas Darktrace could enhance its false positive reduction and simplify configuration. Pricing-wise, Abnormal Security has fair prices and excellent customer support, while Darktrace's pricing and licensing model could be more flexible and support could be improved in certain areas.
"Does a thorough job of examining email and URLs for malicious content."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface."
"Microsoft Defender for Office 365's most valuable features are safe attachments and safe links."
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"The initial setup was easy."
"Microsoft Defender for Office 365's most valuable feature is its performance."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"I have never encountered any stability issues with Abnormal."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"We liked their approach to identifying intrusions or network anomalies using AI."
"A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
"The platform has many modules, and each module examines a different situation in the behavior."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"It's a very stable product."
"The company should focus on adding threats that the solution is currently unable to detect."
"The UI needs to be more user-friendly."
"One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication."
"Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"We need to be able to whitelist data at the backend."
"I would like to have the ability to customize the auto-remediation feature."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"The biggest pain point for us is the lack of support for on-premise email systems."
"One feature I'd love to see is outbound scanning."
"The pricing for academic institutions and student mailboxes is challenging."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"The pricing model is a little too high and could be more flexible."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"The solution can improve the reporting."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"It's a very complex platform."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Abnormal Security is ranked 10th in Email Security with 8 reviews while Darktrace is ranked 12th in Email Security with 66 reviews. Abnormal Security is rated 9.6, while Darktrace is rated 8.2. The top reviewer of Abnormal Security writes "Provides comprehensive email security management, effective in detecting a wide range of email threats". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Abnormal Security is most compared with Mimecast Email Security, Egress Intelligent Email Security, Cloudflare Area 1 Email Security, Avanan and Fortinet FortiMail, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Abnormal Security vs. Darktrace report.
See our list of best Email Security vendors.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.