Darktrace Reviews

Darktrace is a cybersecurity solution that is essentially an AI-driven ecosystem. Call it network monitoring with telemetry SaaS cloud connections.

It provides a comprehensive cybersecurity solution that monitors my cloud accounts as well as my local network. It monitors local network traffic, VPN's and it connects to my firewalls, allowing me to see what's going on in my environment. I have visibility into pretty much everything that's going on now.

The active threat dashboard is the most valuable feature of this solution. 

The licensing model has room for improvement. The license by IP rather than node or device, even if it's a single Mac address. If I have three people who are constantly in three different locations, they want to charge you three licenses. My only criticism of the product is that its licensing model isn't flexible.

I would like to see a Darktrace EDR client, a true EDR client that integrates into it, and not a third-party EDR.

I have been working with Darktrace for six months. 

We are working with the most recent version.

Darktrace is very stable. It's very reliable.

Darktrace is a very scalable solution.

We have 650 users in our organization.

It's extensively used.

I give them five stars from the sale cycle to the support cycle.

I considered other options, but this is the one I chose, because of the flexibility and the ease of use.

The initial set is very simple and intuitive. With the instructions provided, it took about 10 minutes to set up.

It requires no maintenance. It is managed by Darktrace, they push down the updates. I don't have to do anything with it.

I think it's mostly the licensing on the network monitoring piece that I don't like. All of the other modules, such as the licensing modules, are on par. It's one for one.

I evaluated Endpoint protection solutions, such as CrowdStrike Falcon, Darktrace, and SentinelOne. We decided on Darktrace.

I'm a partner with Darktrace.

I would advise them to engage with their sales team and their sales engineering team to make sure they understand the license model.

It's very intuitive. It's a fantastic product, and the only reason they don't get a 10 is because of their licensing. I believe their network monitoring device licensing module could use some improvement.

I would rate Darktrace an eight out of ten.

Normally, when we have a setup, and I log in with any guest, Darktrace blocks us from remotely logging in from within the office network. It ensures that we cannot remote log in anywhere. It is a security system that identifies hacking attempts. Darktrace also integrates with VirusTotal for verification. Additionally, we use the email protection feature.

Darktrace ensures that we do not have breaches on our systems, and it helps improve our security status before breaches can even reach our system.

The investigative part of Darktrace is valuable, especially the automation features. It allows setting up checks and provides guidance on mitigating situations, which is very useful. There are different modules that you can add to the console for protection.

The Darktrace Mobile app needs improvement as it's currently limited in functionality, and the learning AI takes a while to adapt to new devices, flagging new users as threats for up to a month before recognizing them as regular network users.

I have been using Darktrace for almost a year now.

Darktrace is very stable. I can reliably check logs and track what is happening within the system.

The scalability isn't a high priority for us as it mostly deals with system security. It provides necessary features for security enhancement whenever needed.

The support provided by Darktrace is very good. We had issues with Darktrace Mobile, and they assisted us with a solution, even allowing us to test new features.

Positive

I joined the current company after Darktrace was already in use, so I do not have information on previous solutions.

The initial setup can be rated as a seven out of ten because it involves going into the console and ensuring that the network settings are correctly configured.

Two people are enough for deployment, provided they know the network settings and configurations.

By using Darktrace alongside Mimecast, it has helped improve our security posture by preventing breaches before they reach our system.

I do not have any experience regarding the pricing or setup costs as it was managed by the company administration.

I did not have any information on other solutions evaluated prior to Darktrace as they were in use before I joined the company.

Darktrace is a good product to invest in if you can afford it. It provides excellent security features.

I'd rate the solution eight out of ten.

The product is a type of intrusion detection and prevention software. It is for network traffic monitoring.

We are able to detect a lot of things, actually, and see what is happening in our network.

It offers good protection.

The deployment is quick. 

It's good as a solution, however, for me, it's quite complicated. They've got a lot of features there. You need a lot of time to learn it.

It's quite expensive to have.

I've used the solution for around a year.

The core is stable. There are no bugs or glitches and it doesn't crash or freeze. 

It's not high on scalability, in the box itself. You don't need scalability to scale out the server like that. 

There is one that is able to monitor the entire network. Our entire IT department is on the product. We have a three-person technical team. We may expand usage later this year. 

Technical support is quite good. Every quarter, they will contact us for a meeting, however, any issue actually is reported online and their response is quite fast.

The deployment was very fast. They just put the appliance in and connect our call switch and do everything else that is needed. It's all very fast.

We used the SI to help us with the implementation. 

The pricing is expensive. It costs over $100,000 a year. There are no additional costs beyond the price of the license. 

I'm currently exploring other solutions as a comparison. We are looking for Sangfor Cyber Command.

We're a customer and end-user.

It's my understanding that we are on version five.

I'd advise users that it's a good solution, however, they need to be prepared for a large learning curve. 

I'd rate the solution eight out of ten.

I'm currently heading cybersecurity for 1,500 entities. Some of them have deployed Vectra, and some of them have deployed Darktrace. Darktrace has been in the UK market for a while, whereas Vectra is a not-so-old player in the UK market.

We are using the latest version of Darktrace but not their latest offering. They are now also providing email security over the Darktrace platform, but we have not been utilizing that. We have been utilizing their network detection and response and some part of automated incident response (IR) capability.

We have a hybrid infrastructure. Some centers are deployed in the cloud, and some centers are deployed on-prem. The management platform is currently on-prem, but the plan is to move it to SaaS.

In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. 

Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful.

In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. 

They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace.

It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. 

They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions.

I have been using this solution for maybe six or seven years. At my previous workplace, we were one of the early adopters of Darktrace's unsupervised machine learning technology.

Its stability is fine. We are utilizing a mix of their deployment capability. We have appliance-based and sensor-based deployments. Performance-wise, sensor-based ones are slower than appliance-based ones. An appliance also has dedicated hardware.

In terms of scalability, it is fine. We have deployed Darktrace for around 7,000 to 8,000 users for one part of an entity, and it has been working fine. I don't see any issue in terms of its scalability. 

Currently, it has around 7,000 to 8,000 users, but it is getting extended. We are in the process of extending the Darktrace capability to other entities. We are talking about 1,500 entities and 120,000 users in different dispersed and segregated environments. 

They've been quite okay in their responses. This solution is definitely complex, so sometimes we don't get the expected level of information or answer straight away, but they have been okay in responding and following up. I would rate them a seven out of ten.

From the initial deployment perspective, it was quite straightforward. We just need to make some configuration changes and then Darktrace works on spanning. It gets a copy of all the data from the network, and it starts building the profile. It has a pretty straightforward deployment.

I would rate Darktrace a seven out of ten. It is a good solution, but it requires some improvements. 

Darktrace is used for detecting network-based threats like ransomware in the early stage or illicit communications with external endpoints.

A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time. Data acquisition is the source rather than tapping the data downstream after some processing.

Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection. They could thereby have a more holistic knowledge of the system through network information or through visibility into the operating system of the endpoints.

I have been working with Darktrace for four years.

Darktrace is a very stable solution.

Darktrace is a very scalable solution. Our clients for Darktrace are enterprise customers.

The solution’s technical support is very good.

Positive

The solution’s initial setup is very straightforward.

The solution's deployment time depends on the complexity of the network. For some huge networks, you need to tap the right resources and measure the system to acquire all the required traffic. The deployment is very straightforward in smaller networks where you have to connect to only one switch.

Darktrace is quite an expensive solution. Users need to pay a yearly licensing fee for the solution.

Darktrace has improved our client's organization's threat detection and response capabilities. Darktrace has helped users intercept and stop ransomware attack attempts in the very early stage, within a couple of minutes of its detection Autonomous response is a very good and useful feature that differentiates Darktrace from other solutions.

One person can easily maintain the solution. Darktrace easily integrates with our client's IT infrastructure solutions, like Microsoft 365, CrowdStrike, and Palo Alto firewalls. Darktrace has impacted our clients' incident response time to be very quick.

Darktrace is an autonomous solution. Users have to ensure they present all the traffic to the tool so it can intercept threats and not have hidden spots in their networks.

Overall, I rate Darktrace a nine out of ten.

We have a layered approach to our cyber security. We have unified threat management and use several solutions such as Kaspersky, FortiGate, and Mimecast. However, we felt that we needed something on top of all of these and decided to go with Darktrace. We only have one in-house IT security person and were looking for a solution like Darktrace that was more automated.

I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.

It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time.

We did a proof of concept with Darktrace for a year.

It is a scalable solution.

Darktrace's technical support staff were responsive. We did not have to wait long for feedback on anything.

We were able to deploy it in half a day. One person can handle the maintenance of the solution.

We implemented the solution with the help of Darktrace representatives.

We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once.

Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution.

I would rate Darktrace at nine out of ten. It is a growing product that helps with an ever changing threat landscape. Traditional endpoint antivirus solutions will not be able to keep up.

We are primarily using the solution for network monitoring as well as cybersecurity.

The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us.

The solution is stable.

The product scales well within a network.

The initial setup is pretty simple.

The solution isn't too expensive.

The solution could be easier to use.

The user interface is a bit too detailed. They should work to pare it down and simplify it. They seemed to have designed it for an expert user and not a layman. If there are some system administrators who are not experts and they just want to just get sensors reports and escalate, it should be easier for them to do so.

I've been using the solution for three years at this point.

The solution is very stable. As far as we've been using it, we've not had any major issues. It doesn't crash or freeze. There are no bugs or glitches. It's reliable.

The solution is scalable within the network. If a company needs to expand it, it can do so.

For our particular office, we have around 100 users.

I cannot say if we will increase usage. We have many offices and decisions in relation to usage increases would come from our UK office.

Technical support is great. They are very responsive and helpful. We are very satisfied with the level of support they provide to us.

We did not previously use a different solution. For cybersecurity, this is our first product. We were using the traditional endpoint protection as well, and we still do. For that, we use Sophos.

The installation was straightforward, from what I understand. I didn't actually handle ht process. That was done by a consultant. 

The deployment was fast. In less than an hour, everything was up and running.

I handle the maintenance myself.

We had a consultant that assisted us with the implementation. They made the process very easy.

We typically do yearly or three-year licensing, however, I can't speak to the exact costs or arrangements.

It's not too expensive. The price is good for what it offers.

We're just a customer and an end-user.

Overall, I'd rate the solution at an eight out of ten. We've mostly been quite happy with the product.

I'd recommend it to other users and organizations.

The primary use case for Darktrace is for tracking intruders and alerting for network threats.  

The most valuable feature in Darktrace is that it gives me a comprehensive, detailed view of my network and whatever is happening inside it. It is a very good tool for me that helps me to remain aware of security vulnerabilities. I know what is happening on my network in real-time and it responds quickly. It is really very useful.  

I am just a manager and I do not really have a technical viewpoint. The tool really suits me perfectly for now for all my basic security needs and what I expect it to do. It does not need any major changes right now to do what I need it to do. It is not missing anything.  

If I am thinking about improvement, everything can be improved somewhat. Maybe the interface and dashboards could be better. I would be glad if they could make these easier from the point of view of management. It could save some time.  

The price is also a little high and could be more enticing.  

We have been using Darktrace for about two years.  

Darktrace is very stable. It provides 99.9% of our security needs and it does not have downtime. It is a very good, stable solution.  

We did not have the opportunity to test the scalability because our organization has not grown much over the period of time that we have been using the product. I think that scalability is built into the product, but for now, we have not experienced how scaling the product works firsthand.  

I am not so satisfied with the pricing model for Darktrace. The price is a little bit high compared to other solutions. The pricing model should be more flexible.  

On a scale from one to ten where one is the worst and ten is the best, I would rate Darktrace as an eight-out-of-ten.