Darktrace Reviews

Normally, when we have a setup, and I log in with any guest, Darktrace blocks us from remotely logging in from within the office network. It ensures that we cannot remote log in anywhere. It is a security system that identifies hacking attempts. Darktrace also integrates with VirusTotal for verification. Additionally, we use the email protection feature.

Darktrace ensures that we do not have breaches on our systems, and it helps improve our security status before breaches can even reach our system.

The investigative part of Darktrace is valuable, especially the automation features. It allows setting up checks and provides guidance on mitigating situations, which is very useful. There are different modules that you can add to the console for protection.

The Darktrace Mobile app needs improvement as it's currently limited in functionality, and the learning AI takes a while to adapt to new devices, flagging new users as threats for up to a month before recognizing them as regular network users.

I have been using Darktrace for almost a year now.

Darktrace is very stable. I can reliably check logs and track what is happening within the system.

The scalability isn't a high priority for us as it mostly deals with system security. It provides necessary features for security enhancement whenever needed.

The support provided by Darktrace is very good. We had issues with Darktrace Mobile, and they assisted us with a solution, even allowing us to test new features.

Positive

I joined the current company after Darktrace was already in use, so I do not have information on previous solutions.

The initial setup can be rated as a seven out of ten because it involves going into the console and ensuring that the network settings are correctly configured.

Two people are enough for deployment, provided they know the network settings and configurations.

By using Darktrace alongside Mimecast, it has helped improve our security posture by preventing breaches before they reach our system.

I do not have any experience regarding the pricing or setup costs as it was managed by the company administration.

I did not have any information on other solutions evaluated prior to Darktrace as they were in use before I joined the company.

Darktrace is a good product to invest in if you can afford it. It provides excellent security features.

I'd rate the solution eight out of ten.

We use Darktrace for standard network security, mail security, and SaaS security.

NTG is now autonomous response.

The management user interface needs improvement. More insights are necessary, and deeper technical experience and knowledge are required to pinpoint actions, breaches, or behavior.

We have been using Darktrace for three years.

I would rate the stability of the solution as nine.

The scalability of Darktrace is very high. I would rate it eight out of ten.

Technical support is rated at nine out of ten.

Positive

We used more standard antivirus solutions and firewalling. However, these cannot be compared to an EDR or HDR like Darktrace.

The setup was straightforward and not a problem, even for someone not very technical.

Our service provider did some support there.

The pricing is rated at eight, implying it's considered expensive.

We evaluated other options, but they were more like standard antivirus and firewalling, not comparable to Darktrace.

I recommend Darktrace to others if they can afford it.

I'd rate the solution eight out of ten.

The solution automatically monitors everything on the network to prevent anti-phishing by monitoring, responding, and restoring the system. It prevents data excavation.

The most valuable feature is that it works autonomously. So you only need to look at the exceptions.

The solution can improve the reporting. Currently, it only runs weekly and the reporting is complex. It is more of a network monitoring system, basically AI.

I have been using the solution for four years.

The solution is stable and solid.

The solution is scalable and designed to be enterprise-wide.

Previously we used Intercept X which is more at the virus level endpoint, but Darktrace is an overall network and phishing solution.

The initial setup did not appear complex.  

The implementation was completed by a vendor technician. The setup was simple and took a couple of hours.

The solution is about $6,000 per quarter.

I give the solution ten out of ten.

Our organization has about 50 nodes and there is no maintenance involved because it is self-maintaining. I recommend the solution, it is better than SIM.

We use Darktrace to analyze our network traffic.

Darktrace is a good product, although it depends on how much time you put into it.

The models, triggers, and alerts are customizable.

The initial setup is more complex and time-consuming than some solutions.

I have been working with Darktrace for more than a year.

Darktrace is quite stable, but potentially expensive.

The vendor has different options for scaling. I use the appliance; they also offer a cloud service but I prefer the appliance. I put it between the router and the core switch and it picks up all of the traffic.

The technical support is better than Check Point. They respond more quickly.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace requires a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. In general, it's more sophisticated. As far as getting the settings and the configuration and the models that you want, it would help if you spent some time on that. We're a small team. It's beneficial to me and I can see that with more time and energy put into optimizing it and personalizing the unit, it can be much more powerful than the way I am using it now. That said, it's my secondary device. We're working on a lot of different projects, so I haven't assigned any of my guys to it yet. Ultimately, when it's fully integrated, it may end up being as useful as the Check Point.

The reason I keep all three is that they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike and worked with Symantec.

You have to customize it to the way you want, in order for it to work best for your environment. Definitely take time to train while you can during deployment.

Some things do work well, out of the box. However, this would be better suited for somebody that can take the time to configure it correctly during deployment.

Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

My advice for anybody who is implementing Darktrace is that you definitely need to take your time. Sit down and understand how to use the model breach customization. They use models and if something hits that model, it triggers an alert.

I would rate this solution a six out of ten.

The product is a type of intrusion detection and prevention software. It is for network traffic monitoring.

We are able to detect a lot of things, actually, and see what is happening in our network.

It offers good protection.

The deployment is quick. 

It's good as a solution, however, for me, it's quite complicated. They've got a lot of features there. You need a lot of time to learn it.

It's quite expensive to have.

I've used the solution for around a year.

The core is stable. There are no bugs or glitches and it doesn't crash or freeze. 

It's not high on scalability, in the box itself. You don't need scalability to scale out the server like that. 

There is one that is able to monitor the entire network. Our entire IT department is on the product. We have a three-person technical team. We may expand usage later this year. 

Technical support is quite good. Every quarter, they will contact us for a meeting, however, any issue actually is reported online and their response is quite fast.

The deployment was very fast. They just put the appliance in and connect our call switch and do everything else that is needed. It's all very fast.

We used the SI to help us with the implementation. 

The pricing is expensive. It costs over $100,000 a year. There are no additional costs beyond the price of the license. 

I'm currently exploring other solutions as a comparison. We are looking for Sangfor Cyber Command.

We're a customer and end-user.

It's my understanding that we are on version five.

I'd advise users that it's a good solution, however, they need to be prepared for a large learning curve. 

I'd rate the solution eight out of ten.

We're part of our regional hospital group in Northwestern Ontario. One of our group members was using the DarkTrace product suite. It was brought forward that other hospitals within the group may want to try it. A couple of us did a demo, which basically involved getting the appliance installed in our data center and routing all the traffic through it. 

We basically had the product running for a company, however, it really didn't pop up or offered anything that we were not already aware of. 

It has a very detailed interface - almost too detailed. It was pretty as far as the granularity of what you were getting out of it. 

The solution is very detailed. It has lots of fancy graphics that don't necessarily lead to a good outcome regarding knowing what's going on.

The only problem with these kinds of demos is that unless something actually goes wrong or you have something in the data center already; you don't see any difference. However, no news is good news.

The price point for the product was too high for what our possible use case could be. The demo might have gone more favorably in their direction if something had actually occurred during the demo. However, nothing did, and management decided that it was not worth the very high price.

The interface didn't really give you a whole bunch of insight into actually what was going on.

They did have some AI that they claimed could tell if traffic was malicious or what the intent of the traffic was. We never got to see that actually do anything. They identified some traffic. They said it was malicious. However, it turns out it was a known traffic that we had occurring, and it wasn't malicious. So there were a few missteps that way.

The UI is too dark.

We ultimately didn't find any value in the product.

We did a demo for two or three months. We did not use the solution for a very long time. 

In terms of scalability, you would need a separate device for every location. For our particular hospital, we actually have three or four main facilities, or what we would consider main facilities. You'd actually need to have a physical box for every deployment in order for traffic to be efficiently detected. They did say that we could route the traffic from the site through the box. However, essentially, that would be doubling the traffic load, which didn't really seem like it was a wise decision. As far as scalability, the box that we had was very capable of handling the traffic load that we were producing. I would say we are probably using maybe ten percent of it at the most at peak levels.

We had some interactions with them during setup and during the demo. They were fine.

Neutral

The initial setup depends on the network. We had a mature infrastructure which made it a bit more challenging.

It took us a few hours to set everything up and make sure it was capturing everything it needed to. 

If you had a straightforward Cisco environment where you could easily forward traffic and CDP needed, it would be pretty easy. 

I'd rate the pricing two or three out of ten. It is pretty expensive. For us, it just wasn't worth it. 

We are customers and end-users. 

I'd rate the solution five out of ten. It's an interesting maturing market. They do have potential, however, they do need to work a fair bit on their AI models and their interface.

We primarily use the solution for network traffic analysis, to identify potential threats running on our customers' ICP environment, and to generate alerts to our SOC.

The Enterprise Immune System, Cyber Artificial Intelligence Analyst, and Antigena technology are all very useful aspects of the product.

The solution is quite stable.

The scalability is great.

The initial setup is simple.

It can always improve here and there, however, in general, it's already quite complete. 

The solution could have better integration capabilities. There aren't so many third-party vendor platforms natively integrated with the platform. 

They need a better-automated response setup.

I've been using the solution for a few years at this point. 

The solution is stable. There are no bugs or glitches. it doesn't crash or freeze. It's reliable. 

I've found the solution's scalability to be very good. It can scale from one endpoint to many thousands of endpoints. We have a lot of implementations that are quite sizable for our customers.

We have 20 to 30 clients on the solution at this time. 

Technical support is fine. That said, we are very skilled and therefore we don't require the help of technical support all that often.

We find the implementation process to be quite painless. We only had to identify the right place in which put the appliances, and then they start learning.

We were able to deploy same day. it's a pretty fast process. 

We have a team dedicated to the delivery that manages Darktrace and other technical solutions and they are in charge of implementation in the customers' ICP environment. More or less, we have more than ten people handling this.

We are capable of handling implementations for our clients. 

Our clients pay a yearly licensing fee. I can't speak to the exact costs involved. We have a variety of clients who have licenses with Darktrace.

We are partners of Darktrace.

We utilize both cloud and on-premises deployments. 

I would recommend the solution to other companies and clients.

I'd rate the product at a ten out of ten.

We use it to understand our network and traffic. We are basically getting visibility into our infrastructure.

We are using its latest version. It has both deployments. There is one cloud, and there is one on-prem.

The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network. 

With Antigena Email, you know from where most of your spam is coming and which country is spamming you a lot. 

They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity.

I have been using it for three months.

It is stable.

It is scalable. Currently, we have just two users of this solution, but it covers all the devices that we have.

The customer success manager has been helpful. Their support is pretty good.

We used Microsoft.

It was straightforward. The installation took 30 minutes to an hour. We had training before doing the installation.

We used a consultant. We have just two engineers who are doing the deployment and maintenance.

It is pretty expensive, but it is worth it. Its licensing is yearly.

I would recommend it, but you just need to make sure that your organization is big enough. It's not worth it when the organization is small. I would recommend it for organizations with more than 5,000 devices on their network.

I would rate it an eight out of 10.