Try our new research platform with insights from 80,000+ expert users

Fortra's Alert Logic MDR vs Vectra AI comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
3
Ranking in other categories
Vulnerability Management (27th), Continuous Threat Exposure Management (CTEM) (6th)
Fortra's Alert Logic MDR
Average Rating
8.0
Reviews Sentiment
6.9
Number of Reviews
11
Ranking in other categories
Vulnerability Management (29th), SOC as a Service (5th), Managed Detection and Response (MDR) (20th)
Vectra AI
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (3rd), Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (15th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

Vulnerability Management
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
reviewer2191746 - PeerSpot reviewer
It's a highly mature, competitively priced solution that provides total visibility into your ecosystem. FORTRA's Alert Logic has the only Cybersecurity Platform that integrates XDR+WAF+VM+DLP in one.
Alert Logic offers total visibility into the client's IT ecosystem. The solution's intrusion detection system inspects 100 percent of the network packets and installs universal agents on all physical and virtual servers for log collection. Alert Logic also aggregates logs of the client's various 3rd Party security tools into a single pane of glass. All of the analytics from those data feeds got to a 24/7 SOC with sophisticated resources. Alert Logic has massive threat intelligence resources to provide additional context to the incident response declarations. They do all the heavy lifting for clients who lack the technology and resources to operate their own SOC. The client is solely responsible for the incident response component. The macro analytics resides on Alert Logic's cloud. You have the ECM response and business application team on the client side. Everything works in tandem, which is the only way you can deal with the advanced threats we face today, especially the ransomware families. If you don't respond in minutes, you're in trouble.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"It is a very stable product."
"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."
"We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."
"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."
"The solution was consistently available, and I cannot recall any instances where it was down."
"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."
"Everything is in one dashboard; I'm notified when there's an incident and advised on what steps to take."
"The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"Vectra AI is the best. It is a major product in our cybersecurity."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"Could be more of an endpoint protector."
"The product needs to mature. We don't want to be bombarded with unnecessary issues and have the real ones slip through."
"We'd like to have triggered alerts sent to us so we see errors quicker."
"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."
"The setup process was complex."
"The documentation, especially with the initial setup, needs improvement."
"I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email.""
"As a user involved with the user interface, I believe there is a need to continue improving it based on feedback from our customers."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"Multiple appliances are required for Vectra AI, making it less convenient compared to competitors."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"The solution's marketing is not good."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."
 

Pricing and Cost Advice

Information not available
"Almost any product that is on the AWS Marketplace is super easy to subscribe to."
"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."
"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."
"Alert Logic has better competitive pricing than some of its competitors."
"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."
"My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
"It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes."
"From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
"Vectra AI's pricing is cheaper than that of Darktrace."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"The pricing is high."
"Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
7%
Retailer
6%
Computer Software Company
17%
Financial Services Firm
14%
Manufacturing Company
9%
Healthcare Company
9%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
I find that the pricing for Zafran aligns well with the comprehensive features it offers. The asset and user-based li...
What needs improvement with Zafran Security?
While Zafran Security is already a powerful tool, there are areas where it could be further improved to provide even ...
What is your primary use case for Zafran Security?
Our primary use case for Zafran involves leveraging it to enhance our vulnerability risk scoring methodology. In toda...
What do you like most about Alert Logic?
The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them ...
What is your experience regarding pricing and costs for Alert Logic?
Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.
What needs improvement with Alert Logic?
Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy ...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

No data available
Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Wiz, Qualys, Tenable and others in Vulnerability Management. Updated: April 2025.
849,190 professionals have used our research since 2012.