Winston Lewis - PeerSpot reviewer
Assistant Manager - IT and Innovation at a financial services firm with 51-200 employees
Real User
Top 5
We can integrate it with our firewall to automatically block things
Pros and Cons
  • "We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
  • "I was under the impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."

What is our primary use case?

We use Darktrace to monitor our network and block URLs from certain countries. Darktrace is integrated with our firewall, so the blocking is automatic. 

How has it helped my organization?

We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them. 

What is most valuable?

Darktrace blocks any new scanning tools that are detected on your system. 

What needs improvement?

I was under the impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets.

Buyer's Guide
Darktrace
January 2025
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: January 2025.
831,265 professionals have used our research since 2012.

For how long have I used the solution?

We have used Darktrace for about six months.

What do I think about the stability of the solution?

Darktrace is highly stable. We haven't had any downtime except for a power outage last year. 

How are customer service and support?

We reported one case, and Darktrace support responded right away.  They assigned us an account executive who contacts us at least once monthly to discuss any outstanding issues. 

How was the initial setup?

Setting up Darktrace was pretty straightforward. We had to open the port that is plugged into the switch. The whole process was done in under five minutes. You plug in the device and turn it on. 

What was our ROI?

Darktrace has helped us identify gaps in our system.

What's my experience with pricing, setup cost, and licensing?

Darktrace is pricey, but the price is reasonable for what the solution does, and it's comparable to other products.

What other advice do I have?

I rate Darktrace 8.5 out of 10. I recommend doing a proof of concept to see what you're getting. We got good results. During the POC, Darktrace showed us lots of things we didn't know about. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1215816 - PeerSpot reviewer
Senior Security & Infrastructure Architect at a retailer with 10,001+ employees
Real User
Built-in AI analytics helps give you total visibility of your architecture assets
Pros and Cons
  • "AI analytics are built directly into the product."
  • "It is a very simple product to use."
  • "A reporting portal could be a great addition to help customize reports."

What is our primary use case?

I am working with Darktrace in concert with F5, Tufin, and SAP security products.  

What is most valuable?

One of the things I like most about Darktrace is the fact that it has AI analytics built into it. That merger allows us to have a look at the way that things are working within our company. The fact that it is self-learning is a benefit that has given me 100% visibility across the cloud, my SaaS (Software as a Service) providers, my Office 365 services, within my data center, and also on-premises.  

We are also working with Darktrace on their alpha and beta testing for endpoint security. That is a model that we are thinking about incorporating later. 

Another thing I really like is that it is a very simple product to use. It is very logical and it works beautifully.  

What needs improvement?

The product is really excellent all around and I cannot fault it. The only thing that I can think of that would improve it would be if they had a better visualization and a reporting portal.

What I mean by better visualization is it could help map our services and endpoints in a better way. At the moment it is fairly complex in the way that it represents our network devices. It would help if there was a slightly more logical way of visualizing the assets as opposed to the way it is currently being done.

We are talking to Darktrace at the moment about putting in a reporting portal so we can have technical reports separate from management reports. Some of our management gets information in reports that they do not need to see. When they see it they will not understand what it means. Targeting — or customizing — the reports that we make can allow us to have the content fit what the recipient needs to see without distracting extras.

Apart from those potential additions, this product is absolutely excellent. It has given us everything we have wanted. Darktrace, as a company, has been really good. Our account manager is totally responsive. The support teams have been really conscientious.  

Fingers crossed. So far Darktrace has proven to be a great asset.  

For how long have I used the solution?

We have been using Darktrace for about four-and-a-half years now.  

What do I think about the scalability of the solution?

The scalability of Darktrace is excellent. If we want to increase the IP count it is just a matter of negotiating the licenses. We have already upgraded to the largest model of their hardware, and scaling is nice and simple in that situation.  

How are customer service and technical support?

The technical support people have been good. They understand exactly what we need every time. So I am very happy about that.  

If you ask a question and support cannot answer straight away, they will say that they will be back to you within 'X' number of hours. Then they actually do it, which is not something that you get a lot of in technical support teams. Normally people do not stick to what they say they are going to do.

How was the initial setup?

Our deployment took probably the best part of three months. But the amount of time was more a matter of our constraints, not a problem with Darktrace and the difficulty of deployment. We are operating in 13 countries and it was the scale of it that took additional time. Smaller deployments will take less time.  

What other advice do I have?

If someone asked me for advice about the product I would definitely highly recommend it to those who need this type of solution. It is really good. It has given us a view of our company and it has actually caught a couple of people that were doing data exfiltration and stealing data from our company. We caught them doing it in the act in live time, which is just incredible.  

On the scale from one to ten where one is the worst and ten is the best, I would definitely rate this product at the moment as a ten. It is a perfect solution for our needs.  

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of Security at DFCC
Real User
Strong cyber-security solution but it has too many false positives
Pros and Cons
  • "Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
  • "Darktrace needs to automate the reports of false positives, botnets and everything."

What is our primary use case?

Generally, we use Darktrace for behavioral analytics. We use it in the inner-network and the outside network for malicious connectivity. Darktrace gives us support with networks. We follow all the notifications and sometimes we block malicious IPs from the firewall.

What is most valuable?

Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside.

What needs improvement?

Darktrace needs to simplify most of the positive reports. We have to field all the positive reports, false positives, too. Sometimes we need to check false positives manually. We have to filter false positives. After that, we configure it again. Then, we want to analyze these false positives. That's the main thing. If we are assessing features, this should be easier to handle.

Darktrace needs to automate the reports of false positives, botnets, and everything.

So far, I think the solution is good. Not excellent, good.

For how long have I used the solution?

I've been using Darktrace for about two years.

What do I think about the stability of the solution?

The stability of the solution is fine.

What do I think about the scalability of the solution?

In terms of scalability, it is ok.

It's a behavioral analysis solution, so we are not actively using it. We analyze all the user traffic from the Darktrace. That's the main thing. 

There are about 3,000 users. All the 3,000 user traffic is going through Darktrace.

We don't do the maintenance for Darktrace. My vendor is maintaining it since we got the product from them.

We are analyzing attempts to connect to them. After that, if you want reports, they provide them. We have a service and everything with the vendor. Then, if we have any requirements, they do it for us. The solution is working all day and my team is analyzing two hours for that.

How are customer service and technical support?

In terms of technical support, if you raise some complaints, they tend to everything with user traffic within three or four hours. They provide the solution then we implement it.

Which solution did I use previously and why did I switch?

Before using Darktrace I was using FireEye, but I switched because FireEye is very expensive and they do the same thing. It provides the same thing, except that Darktrace has a different solution for the firewall, email filtering and everything else, and Darktrace is doing everything in a single box.

How was the initial setup?

The initial setup is simple. It only takes three or four days. But we need to identify one to three traffic behavioral analysis, after that we can find the lead.

What about the implementation team?

My team handled the deployment. They did everything. After that, they give me a report, which I then go through.

What's my experience with pricing, setup cost, and licensing?

We are doing a monthly cost-basis. It's about 500,000 NKR because we are the first to implement it in Sri Lanka. We worked out direct pricing from Darktrace UK. After that, we selected a vendor in Sri Lanka. But the thing is, we are the first implementation here. I think they are actually undercharging and giving us the solution first because they want a reference from us since we are a bank in Sri Lanka. That's why they are doing it like that.

There are no additional costs besides the license, except the 15% rate to the Sri Lanka government.

What other advice do I have?

Based on our experience with Darktrace, I would advise that if they are comparing prices, ROI and everything, I think Darktrace is better than FireEye.

On a scale of 1 to 10 I can rate it a 6. I give it a 6 because it's been a year learning everything, and technology, attacks and patents are changing every day.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer1907124 - PeerSpot reviewer
Head of Infrastructure, Security and Communications at a construction company with 5,001-10,000 employees
Real User
Easy to set up with good integration capabilities and useful UI
Pros and Cons
  • "We have found the product to be stable and issue-free."
  • "We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."

What is our primary use case?

We're using it in a complete security solution yet still within a different product that Darktrace has that's related to the network or email.

What is most valuable?

The most valuable aspect of the product would be that it's a product that is quite easy to integrate. It's quite easy to start working with it, which is working well. The concept of artificial intelligence that is behind the solution is the most interesting feature for us.

The sense of detection and monitoring and topics within security is good.

It was easy to set up the product.

We have found the product to be stable and issue-free.

It is scalable. 

What needs improvement?

We need them to ensure they will detect new attacks and pick up anomalies.

We, of course, would love more threat intelligence, and more integration with vulnerability scanners. We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on. 

They're working in different modules that could be related to threat intelligence and to the tech vulnerabilities or functionalities related to EDR.

For how long have I used the solution?

We've been working with the solution for the last couple of years. 

What do I think about the stability of the solution?

We've had no issues with stability. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

It is scalable and easily expands. 

The whole of the organization leverages the product, however, I do not have a clear picture of how many people we are working it. That said, we have a company of 2,000.

How are customer service and support?

I've dealt with technical support in the past. I found them to be helpful. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did previously use a different solution. That said, I don't remember what it was called. 

How was the initial setup?

The product is easy to set up.

After deployment, we spent three months, which is the time that this solution needs to learn about what's happening in our network. In one day, once we had defined all the configurations and once they have been seen on the appliance, we were able to start running it.

It's an easy product to maintain. 

What about the implementation team?

We handled the initial setup ourselves. We did not need any outside assistance from integrators or consultants. 

What's my experience with pricing, setup cost, and licensing?

The pricing is okay. I'd rate it seven out of ten in terms of affordability.

You have different modules which you have to pay for. If you want to expand functionality, it ends up costing more. 

Which other solutions did I evaluate?

Looked at Microsoft, Proofpoint, and Minecraft when we were looking into Darktrace. We decided on this product based on the available features. 

What other advice do I have?

We are using the last version of the solution, although I don't know the exact version number. We plan to upgrade in the next couple of weeks. We might be on version five, with the latest being six.

This is something that is really easy to implement in an organization. It gives us good visibility about what is happening in our networks, and on the system. We like the transparency available within our infrastructure now. We can also personalize it to fit our needs. You can either choose plug and play or you can go deeper. They have artificial intelligence you can start working with. You can define more by leveraging modules. Overall, it's very interesting. 

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
AntonGeijsendorpher - PeerSpot reviewer
IT Network Administrator at Foord
Real User
Top 5
Learns patterns and identifies malicious behavior with AI capabilities

What is most valuable?

Darktrace learns patterns and can identify malicious behavior based on that learning. It learns what tasks users perform, what data they access, and similar activities. Unlike an EDR, which uses patterns and signatures to identify existing threats, Darktrace uses AI to learn and recognize patterns. This provides a different approach to monitoring and detecting anomalies. 

What needs improvement?

Pricing could be cheaper.

For how long have I used the solution?

I have been using Darktrace as an end user for three years.

What do I think about the scalability of the solution?

I rate the solution’s scalability a ten out of ten.

How was the initial setup?

The initial setup is straightforward and takes a couple of hours.

What about the implementation team?

We did in-house because we've got skill levels, but differently depending from time to time, depending on

What was our ROI?

The benefit is the security. You probably have a security case, an alarm system, and one or two locks. You don't rely on one security device; you have different layers. Darktrace is just one of those layers.

What's my experience with pricing, setup cost, and licensing?

It is very expensive.

I rate the product’s pricing a ten out of ten, where one is cheap and ten is expensive.

What other advice do I have?

I am the sole administrator and monitor of Darktrace because we have a small IT team. However, Darktrace monitors our entire organization. In a larger company with many IT departments, multiple people might monitor Darktrace and engage with it. Our finance company has a small IT department.

Darktrace adapted to the evolving landscape of cybersecurity threats by leveraging proprietary technology and machine learning algorithms. Their unique approach and cutting-edge solutions have established them as a leading company.

It's difficult to gauge the effectiveness of Darktrace because we don't fully understand how it operates; we only see the alerts it generates. If we create an event on the network, Darktrace will alert us so we know it works in those scenarios. If something new and unknown happens on the network, it's unclear whether Darktrace will detect it. We're paying a lot of money, hoping it does, as Darktrace is a proprietary technology. It might work, or it might not detect some threats. We don't have full visibility or a map of its coverage.

Darktrace can be expensive, depending on the use case. It's like comparing different types of cars: some people need a two-seater, while others need a ten-seater. Darktrace is more like a seven-seater—very specific and not suitable for everyone. 

Overall, I rate the solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
reviewer2306418 - PeerSpot reviewer
Co-Founder & Managing Director at a comms service provider with 1-10 employees
Reseller
Top 20
Used for detecting network-based threats like ransomware or illicit communications with external endpoints
Pros and Cons
  • "A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
  • "Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."

What is our primary use case?

Darktrace is used for detecting network-based threats like ransomware in the early stage or illicit communications with external endpoints.

What is most valuable?

A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time. Data acquisition is the source rather than tapping the data downstream after some processing.

What needs improvement?

Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection. They could thereby have a more holistic knowledge of the system through network information or through visibility into the operating system of the endpoints.

For how long have I used the solution?

I have been working with Darktrace for four years.

What do I think about the stability of the solution?

Darktrace is a very stable solution.

What do I think about the scalability of the solution?

Darktrace is a very scalable solution. Our clients for Darktrace are enterprise customers.

How are customer service and support?

The solution’s technical support is very good.

How would you rate customer service and support?

Positive

How was the initial setup?

The solution’s initial setup is very straightforward.

What about the implementation team?

The solution's deployment time depends on the complexity of the network. For some huge networks, you need to tap the right resources and measure the system to acquire all the required traffic. The deployment is very straightforward in smaller networks where you have to connect to only one switch.

What's my experience with pricing, setup cost, and licensing?

Darktrace is quite an expensive solution. Users need to pay a yearly licensing fee for the solution.

What other advice do I have?

Darktrace has improved our client's organization's threat detection and response capabilities. Darktrace has helped users intercept and stop ransomware attack attempts in the very early stage, within a couple of minutes of its detection. Autonomous response is a very good and useful feature that differentiates Darktrace from other solutions.

One person can easily maintain the solution. Darktrace easily integrates with our client's IT infrastructure solutions, like Microsoft 365, CrowdStrike, and Palo Alto firewalls. Darktrace has impacted our clients' incident response time to be very quick.

Darktrace is an autonomous solution. Users have to ensure they present all the traffic to the tool so it can intercept threats and not have hidden spots in their networks.

Overall, I rate Darktrace a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Network Security Engineer at Social Security Commission
Real User
Top 5 Leaderboard
Can be deployed in half a day and is scalable
Pros and Cons
  • "I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
  • "It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."

What is our primary use case?

We have a layered approach to our cyber security. We have unified threat management and use several solutions such as Kaspersky, FortiGate, and Mimecast. However, we felt that we needed something on top of all of these and decided to go with Darktrace. We only have one in-house IT security person and were looking for a solution like Darktrace that was more automated.

What is most valuable?

I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.

What needs improvement?

It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time.

For how long have I used the solution?

We did a proof of concept with Darktrace for a year.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and support?

Darktrace's technical support staff were responsive. We did not have to wait long for feedback on anything.

How was the initial setup?

We were able to deploy it in half a day. One person can handle the maintenance of the solution.

What about the implementation team?

We implemented the solution with the help of Darktrace representatives.

What's my experience with pricing, setup cost, and licensing?

We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once.

Darktrace is more expensive than an average solution, but its functionality won't match that of an average solution.

What other advice do I have?

I would rate Darktrace at nine out of ten. It is a growing product that helps with an ever-changing threat landscape. Traditional endpoint antivirus solutions will not be able to keep up.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Tichaona Ndoreka - PeerSpot reviewer
Infrastructure Sup at Capital Development Services
Real User
Provides visibility into our infrastructure and helps in identifying most vulnerable devices
Pros and Cons
  • "The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
  • "They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."

What is our primary use case?

We use it to understand our network and traffic. We are basically getting visibility into our infrastructure.

We are using its latest version. It has both deployments. There is one cloud, and there is one on-prem.

What is most valuable?

The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network. 

With Antigena Email, you know from where most of your spam is coming and which country is spamming you a lot. 

What needs improvement?

They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity.

For how long have I used the solution?

I have been using it for three months.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is scalable. Currently, we have just two users of this solution, but it covers all the devices that we have.

How are customer service and support?

The customer success manager has been helpful. Their support is pretty good.

Which solution did I use previously and why did I switch?

We used Microsoft.

How was the initial setup?

It was straightforward. The installation took 30 minutes to an hour. We had training before doing the installation.

What about the implementation team?

We used a consultant. We have just two engineers who are doing the deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

It is pretty expensive, but it is worth it. Its licensing is yearly.

What other advice do I have?

I would recommend it, but you just need to make sure that your organization is big enough. It's not worth it when the organization is small. I would recommend it for organizations with more than 5,000 devices on their network.

I would rate it an eight out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.