We compared Vectra AI and ExtraHop Reveal(x) based on our users' reviews in 4 parameters. Our conclusion, drawn from all of the collected data, is below.
Vectra AI excels in customer service, advanced threat detection, and competitive pricing. User feedback on ExtraHop Reveal(x) highlights robust network visibility, intuitive user interface, and highly regarded customer support. Vectra AI users appreciate the affordability and flexibility of the pricing, while ExtraHop Reveal(x) users value the comprehensive analytics capabilities.
Features: Vectra AI stands out for its advanced threat detection capabilities, machine learning algorithms, and automated response features. ExtraHop Reveal(x) is praised for its robust network visibility, comprehensive analytics, and intuitive user interface.
Pricing and ROI: Vectra AI offers competitive pricing with reasonable setup costs and flexible licensing options. ExtraHop Reveal(x) is also well-received for its cost-effectiveness, low setup cost, and straightforward licensing process. Users have had positive experiences with both products in terms of pricing, setup cost, and licensing. Vectra AI delivered ROI that exceeded expectations, with significant security and efficiency improvements. ExtraHop Reveal(x) was praised for enhancing network visibility and security with a user-friendly interface and robust functionality.
Room for Improvement: Vectra AI has room for improvement in its complex and unintuitive user interface, lack of customization options, occasional glitches, and high pricing. ExtraHop Reveal(x) could enhance its user interface, accuracy, documentation, and customer support for a better user experience.
Deployment and Customer Support: Vectra AI may be a bit complex and require additional customization for on-prem installations. ExtraHop Reveal(x) is considered simple and offers a user-friendly initial setup. Vectra AI stands out for its exceptional customer support, with knowledgeable staff providing quick solutions. ExtraHop Reveal(x) also has good support; however, it suffers from occasional quality issues.
The summary above is based on 31 interviews we conducted recently with Vectra AI and ExtraHop Reveal(x) users. To access the full review transcripts, download our report.
"The most valuable features of ExtraHop Reveal(x) are the detection and alerting of network behavior and anomalies."
"When there are performance issues with an HTTP app, ExtraHop enables us to identify the causes within a few minutes. We can see what transactions are being impacted by something that may be happening within the server environment."
"The solution's initial setup process is easy."
"With ExtraHop Reveal(x), it gives me more visibility into the packets. It doesn't provide the entire packet capture, but it offers more information on how connections are made at the network layer. This can be helpful for detecting network attacks. Additionally, I really like the customizable dashboards and reports. The incident dashboard and alerts provide a good summary initially, and diving deeper into them gives more detailed information. It's also great for analyzing specific attacks and victim logs. The feature that tracks the full attack chain makes it easier to monitor the progress of attacks. Plus, it's connected to the Netria.com app, which I find useful for certain tasks."
"The solution's ability to decrypt SSL traffic is its most valuable feature."
"The security features of this solution are the most valuable."
"The solution works well for sending sensors."
"It's a wire analytics tool. We use it for isolating and determining issues on our network or applications. It does a lot for crediting the network as opposed to discrediting the network. A lot of people come along and say that it's a network issue. It's always considered to be a network issue, but by using ExtraHop, we can quickly tell them that it's not a networking issue. It's something to do with your application or something at the other end. It could be a database issue. This tool gives us the ability to pinpoint with great accuracy the comings and goings on our network."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"Vectra AI is the best. It is a major product in our cybersecurity."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"It needs integration with more security vendors."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that"
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"The solution is expensive and gets more expensive if a company needs to scale it."
"I would like to see more cloud capability."
"The solution should include more support protocols."
"I think the tuning capabilities could be improved. We're working on minimizing false positives. Apart from that, everything seems fine to me."
"Agent management could certainly use some focus. It should also be a little bit easier to work with collections. We should be able to nest collections within collections. There should be better nesting."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 12 reviews while Vectra AI is ranked 2nd in Network Traffic Analysis (NTA) with 40 reviews. ExtraHop Reveal(x) is rated 8.6, while Vectra AI is rated 8.6. The top reviewer of ExtraHop Reveal(x) writes "It helps you visualize how data moves across your network". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". ExtraHop Reveal(x) is most compared with Darktrace, Corelight, Cisco Secure Network Analytics, Arista NDR and ExtraHop Reveal(x) 360, whereas Vectra AI is most compared with Darktrace, Cisco Secure Network Analytics, Arista NDR, Corelight and Trend Micro Deep Discovery. See our ExtraHop Reveal(x) vs. Vectra AI report.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.