Try our new research platform with insights from 80,000+ expert users

Arista NDR vs Vectra AI comparison

Arista and Vectra AI are both solutions in the Network Detection and Response (NDR) category. Arista is ranked #10 with an average rating of 9.0, while Vectra AI is ranked #2 with an average rating of 8.2. Arista holds a 4.8% mindshare in NDaR, compared to Vectra AI’s 20.1% mindshare. Additionally, 100% of Arista users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Arista NDR
Read 14 Arista NDR reviews
  • 2,029 Views
  • 1,278 Comparison Views
100% willing to recommend
Vectra AI
Read 43 Vectra AI reviews
  • 8,716 Views
  • 4,382 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 6, 2024

Vectra AI and Arista NDR are prominent competitors in the realm of network detection and response solutions. Vectra AI appears to have the upper hand due to its precise detection capabilities through AI-enabled filtering and triaging, which are highly praised in reducing alert fatigue.

Features: Vectra AI emphasizes detection precision with AI-enabled filtering and triaging, comprehensive attack lifecycle visibility, and risk-based threat prioritization. Arista NDR is known for its detailed traffic analysis, enriched security insights, and real-time enhanced visibility, coupled with its praised detailed reporting capabilities.

Room for Improvement: Vectra AI could benefit from better integration with third-party systems and improved management of complex host-driven threats. Enhancements for tracking multiple attack sources and better integrating host behavior analysis are needed. Arista NDR should expand its geographic presence and enhance engineering support, especially in underrepresented markets.

Ease of Deployment and Customer Service: Both Vectra AI and Arista NDR offer strong technical support. Vectra AI is recognized for its robust customer service structure, ensuring responsive support. Arista NDR is appreciated for its responsive customer service due to a close-knit support team, but might benefit from an expanded support infrastructure as the company grows.

Pricing and ROI: Vectra AI’s licensing is costly but seen as a valuable investment for enterprises focusing on threat detection. Arista NDR offers competitive pricing, making it a budget-friendly option, ideal for firms seeking cost-effective MDR service integration. Both solutions provide ROI by reducing incident response times and enhancing network security efficiency, though Vectra AI’s complex licensing may deter some customers.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Arista NDR vs. Vectra AI Report (Updated: December 2024).
Buyer's Guide
Arista NDR vs. Vectra AI
December 2024
Download the complete report
Helped 823,795 peers since 2012
 

Categories and Ranking

Arista NDR
Ranking in Network Detection and Response (NDR)
10th
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
14
Ranking in other categories
Network Traffic Analysis (NTA) (6th)
Vectra AI
Ranking in Network Detection and Response (NDR)
2nd
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
43
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of December 2024, in the Network Detection and Response (NDR) category, the mindshare of Arista NDR is 4.8%, down from 5.4% compared to the previous year. The mindshare of Vectra AI is 20.1%, up from 20.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Network Detection and Response (NDR)
 

Featured Reviews

reviewer1506834 - PeerSpot reviewer
Gives us network layer visibility into things that may not be covered by other monitoring tools, such as shadow IT
One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far. Even without that it's useful because with the MNDR team, they'll at least do some of that work for us and then we can follow up on certain things. But that is something that we would want to see improved. Because we have the MNDR team, in some ways we don't work as hands-on with the interface itself as we did before. But another thing that would be helpful would be easier ways to integrate it with other systems. The integrations seem to exist, but they're a little weak in terms of how easy they are to set up, or what kind of information can be pulled in. That's something they've said that they're working on, as part of their roadmap, but that is something that I would like to see improved.
Read full review
Tony Whelton - PeerSpot reviewer
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the ability to see suspicious activity for devices inside my network. It helps me to quickly identify that activity and do analysis to see if it's expected or I need to mitigate that activity quickly."
"This solution help us monitor devices used on our network by insiders, contractors, partners, or suppliers. Its correlation and identification of specific endpoints is very good, especially since we have a large, virtualized environment. It discerns this fairly well. Some of the issues that we have had with other tools is we sometimes are not able to tell the difference between users on some of those virtualized instances."
"The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'"
"The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use."
"Other solutions will say, "Hey, this device is doing something weird." But they don't aggregate that data point with other data points. With Awake you have what's called a "fact pattern." For example, if there's a smart toaster on the third floor that is beaconing out to an IP address in North Korea, sure that's bizarre. But if that toaster was made in North Korea it's not bizarre. Taking those two data points together, and automating something using machine-learning is something that no other solution is doing right now."
"It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now."
"The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that."
"This solution’s encrypted traffic analysis helps us stay in compliance with government regulations. It is all about understanding data exfiltration, what is ingressing and egressing in our network. One common attack vector is exfiltrating data using encryption. My capabilities to see potential data exfiltration over encrypted traffic is second to none now."
More Arista NDR pros
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
More Vectra AI pros
 

Cons

"Arista NDR needs to open legal offices to be closer to customers and partners. It needs more visibility in the NDR market in the Middle East. While they are doing well, they lack sufficient engineers. They need to hire more engineers to meet the demand and expand their presence. The current team is good but not enough to fully capture the market."
"When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way."
"I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this."
"The one thing that the Awake platform lacks is the ability to automate the ingestion of IOCs rather than having to import CSV files or JSON files manually."
"One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out."
"There's room for improvement with some of the definitions, because I don't have time and I'm not a Tier 4 analyst. I believe that is something they're working towards."
"One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far."
"Be prepared to update your SOPs to have your analysts work in another tool separately. There are some limitations in the integrations right now. One of the things that I want from a security standpoint is integration with multiple tools so I don't need to have my analysts logging into each individual tool."
More Arista NDR cons
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
More Vectra AI cons
 

Pricing and Cost Advice

"Because I represent a hedge fund, I have some leverage. I told them that they had to meet my conditions if they wanted me as a client. It was the same way with Awake. They wanted an initial four-year agreement. Initially, we signed on for a one-year contract, but they wanted the four-year deal when it came time for the renewal. I told them that I was not doing that. I said that they either had to do it on my terms, or I'd go somewhere else."
"The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year."
"The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at."
"The solution is very good and the pricing is also better than others..."
"Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model."
"Awake's pricing was very competitive. It's not a cheap option though. It's an investment to utilize it, but it's one that we decided was worth the cost, with the managed services. At our scale, it was a much better option to utilize their software and their managed services to handle this, rather than hiring another person to be an analyst. It was quite cost-effective for us."
"We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"The solution is low-cost and affordable."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"Vectra is a bit on the higher side in terms of price, but they have always been transparent. The reason that they are this good is that they invest, so they need to charge accordingly."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"The pricing is very good. It's less expensive than many of the tools out there."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
More Vectra AI pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Network Detection and Response (NDR) solutions are best for your needs.
See recommendations
823,795 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
10%
Government
8%
Educational Organization
8%
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Arista NDR?
Arista NDR's scalability is very good, making it easy to add more hardware components. You can order additional hardware and integrate it by stacking it with the existing setup. This feature cannot...
See all answers
What is your experience regarding pricing and costs for Arista NDR?
The tool's pricing is expensive but it is competitive.
See all answers
What needs improvement with Arista NDR?
Arista NDR needs to open legal offices to be closer to customers and partners. It needs more visibility in the NDR market in the Middle East. While they are doing well, they lack sufficient enginee...
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
Vectra is cheaper in terms of pricing and features compared to Darktrace.
See all answers
 

Comparisons

Trend Micro Deep Discovery vs Arista NDR Logo
Trend Micro Deep Discovery vs Arista NDR
Compared 16% of the time
Cisco Secure Network Analytics vs Arista NDR Logo
Cisco Secure Network Analytics vs Arista NDR
Compared 15% of the time
Palo Alto Networks Advanced Threat Prevention vs Arista NDR Logo
Palo Alto Networks Advanced Threat Prevention vs Arista NDR
Compared 13% of the time
Darktrace vs Arista NDR Logo
Darktrace vs Arista NDR
Compared 11% of the time
ExtraHop Reveal(x) vs Arista NDR Logo
ExtraHop Reveal(x) vs Arista NDR
Compared 7% of the time
More Arista NDR Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 36% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 12% of the time
Cisco Secure Network Analytics vs Vectra AI Logo
Cisco Secure Network Analytics vs Vectra AI
Compared 6% of the time
Corelight vs Vectra AI Logo
Corelight vs Vectra AI
Compared 5% of the time
Rapid7 InsightIDR vs Vectra AI Logo
Rapid7 InsightIDR vs Vectra AI
Compared 3% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Arista NDR
December 2024
Arista NDR reportDownload Arista NDR product report
Buyer's Guide
Vectra AI
November 2024
Vectra AI reportDownload Vectra AI product report
 

Also Known As

Awake Security Platform
Vectra Networks, Vectra AI NDR
 

Learn More

Arista
Vectra AI
 

Overview

Arista NDR (formerly Awake Security) is the only advanced network detection and response company that delivers answers, not alerts. By combining artificial intelligence with human expertise, Arista NDR hunts for both insider and external attacker behaviors, while providing autonomous triage and response with full forensics across traditional, IoT, and cloud networks. Arista NDR delivers continuous diagnostics for the entire enterprise threat landscape, processes countless network data points, senses abnormalities or threats, and reacts if necessary—all in a matter of seconds. The Arista NDP platform stands out from traditional security because it is designed to mimic the human brain. It recognizes malicious intent and learns over time, giving defenders greater visibility and insight into what threats exist and how to respond to them. 

The Advent of Advanced Network Detection and Response & Why it Matters

The 5 Levels of Autonomous Security paper

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?
  • High accuracy in identifying threat locations
  • Aggregation of alerts into single incidents
  • 24/7 threat detection
  • Visibility into the entire attack lifecycle
  • Risk score aggregation
  • Effective triaging of alerts
  • Integration with other tools
What benefits or ROI should users look for?
  • Enhanced threat detection and prioritization
  • Comprehensive network visibility
  • Reduction in false positives
  • Better incident response capabilities
  • Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

 

Sample Customers

- Dolby Laboratories- Seattle Genetics- ARM Energy- Ooma- Prophix- Yapstone
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Arista NDR vs. Vectra AI
December 2024
Free Report: Arista NDR vs. Vectra AI
Find out what your peers are saying about Arista NDR vs. Vectra AI and other solutions. Updated: December 2024.
DOWNLOAD NOW
823,795 professionals have used our research since 2012.
See our Arista NDR vs. Vectra AI report.
See our list of best Network Detection and Response (NDR) vendors.

We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.