Try our new research platform with insights from 80,000+ expert users

Corelight vs Darktrace comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Aug 6, 2024
 

Categories and Ranking

Corelight
Ranking in Network Traffic Analysis (NTA)
7th
Ranking in Network Detection and Response (NDR)
14th
Average Rating
9.0
Number of Reviews
5
Ranking in other categories
No ranking in other categories
Darktrace
Ranking in Network Traffic Analysis (NTA)
1st
Ranking in Network Detection and Response (NDR)
1st
Average Rating
8.2
Reviews Sentiment
7.6
Number of Reviews
73
Ranking in other categories
Email Security (12th), Intrusion Detection and Prevention Software (IDPS) (1st), Extended Detection and Response (XDR) (3rd), AI-Powered Chatbots (3rd), Cloud Security Posture Management (CSPM) (15th), Cloud-Native Application Protection Platforms (CNAPP) (12th), Attack Surface Management (ASM) (3rd), AI-Powered Cybersecurity Platforms (1st)
 

Featured Reviews

HamadaElewa - PeerSpot reviewer
Feb 13, 2024
An expensive solution to monitor internet traffic with multiple dashboards
The huge library especially the open source link, makes it the main engine for Corelight with some enhancements in the commercial version. It has a very powerful level, such as signature-based attacks or behavioral attacks, with enhancements in the design. It is very flexible for intelligent implementations like IPs, especially between big companies and banks. Corelight is easy to understand and monitor what is going on behind the team. The solution is already integrated with other systems like Suricata, Elastic, and Microsoft tools. It's very easy to integrate signature-based or behavior-based engines. You can use Elastic for the dashboards to get it from Corelight, along with all the benefits and expandability.
Luis KiambatA - PeerSpot reviewer
Nov 9, 2022
Great autonomous support, offers an easy setup, and has responsive support
We primarily use the solution for IT. Customers use it for banks or construction sites, depending on our customers. We haven't had an OT implementation yet. However, we have interest from two companies The autonomous response is great. It blocks basically everything that is outside the normal,…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's easy to create additional dashboards specific to supporting specific tasks."
"The most valuable feature is the embedded IDS from Suricata."
"Corelight is easy to use."
"It's an easy way for us to get visibility in a client's environment."
"It is easy to deploy and easy to handle."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"The product offers us a very good user interface and we've found the network visibility to be very good so far."
"The scalability of Darktrace is very high."
"One thing I appreciate is Antigena Email, which is for email protection."
"The platform has many modules, and each module examines a different situation in the behavior."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
 

Cons

"Corelight hasn’t added features in a long time."
"They can enhance the interface of the product. They can make it more interactive and also easier to use for feature access."
"The solution’s architecture is complex and difficult to understand. There are multiple machines and VMs."
"Machine learning could be a good improvement, but it's very costly."
"In the next release, building a graphical user interface would be helpful."
"The cost is a bit on the higher side."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"This is quite an expensive product so the pricing is something that can be improved."
"I'd love them to see maybe covering the cloud a bit more."
"It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
 

Pricing and Cost Advice

"It's a yearly fee and depends on what you are looking for."
"If you consider the features and the cost of market leaders, we are satisfied with the pricing."
"This solution is expensive."
"It is expensive."
"The cost of the solution can be reduced to make it more appealing to customers."
"It is expensive. I don't have the price for other competitors."
"They are too expensive compared with other vendors."
"It's an expensive solution."
"When it comes to large installations, it can be expensive, but for small accounts it's fine."
report
Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
12%
Government
11%
Manufacturing Company
7%
Computer Software Company
15%
Financial Services Firm
8%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Corelight?
It's easy to create additional dashboards specific to supporting specific tasks.
What is your experience regarding pricing and costs for Corelight?
The solution is too expensive compared to others. If you have the technical knowledge, it's good. Corelight is a very big gap between you and others if you’re new.
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
 

Comparisons

 

Overview

 

Sample Customers

Education First
Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Find out what your peers are saying about Corelight vs. Darktrace and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.