Try our new research platform with insights from 80,000+ expert users
Mebbert Chiyangi - PeerSpot reviewer
Information Security Analyst at INFRATEL CORPORATION ZAMBIA LIMITED
Real User
Top 5Leaderboard
Efficient behaviour analytics features and offers high stability
Pros and Cons
  • "One thing I appreciate is Antigena Email, which is for email protection."
  • "One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."

What is our primary use case?

Our primary use case is incident response.

How has it helped my organization?

One thing I appreciate is Antigena Email, which is for email protection.

What is most valuable?

One of the most valuable features is Behavior analytics.

What needs improvement?

One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent.

For example, if a user is sent an unauthorized file via SMB, Darktrace would only flag that SMB traffic occurred between the two users. It wouldn't be able to tell us which file was sent, so we would have to manually investigate the incident to determine what happened.

It would be helpful if Darktrace could flag the specific file that was being transferred in SMB traffic incidents. This would make it much easier to investigate these incidents and take appropriate action.

In future releases, I would like to see more playbooks.

Buyer's Guide
Darktrace
November 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

I have been using this solution for a year now. 

What do I think about the stability of the solution?

I would rate the stability a ten out of ten. 

What do I think about the scalability of the solution?

I would rate the scalability an eight out of ten. There are five end users in our analyst team. 

How are customer service and support?

The customer service and support are really good. That's one of the things that I've come to appreciate about Darktrace. 

Any concern that you give to them, they come on board and arrange a meeting where you could possibly do some practical work with them. They would take on the incident, and they would say, "Okay. Let's set this incident together."

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used Sophos. We chose Darktrace because of its reliability. Unlike other solutions that rely heavily on signature-based logins, Darktrace operates by learning the behavior of individual users. This means that what may seem normal to me could be considered abnormal for someone else, and Darktrace can effectively block such anomalies. This feature has proven to be immensely helpful.

How was the initial setup?

The initial setup is very easy. I would rate my experience with the initial setup a ten out of ten, where one is difficult and ten is easy to set up. 

It took around an hour to set up. 

What about the implementation team?

The deployment process is pretty self-sufficient. It handles network closure and device discovery.

One person is sufficient for the deployment process. 

What's my experience with pricing, setup cost, and licensing?

The solution is quite expensive. I would rate the licensing model an eight out of ten. 

What other advice do I have?

I would recommend it based on its excellent behavior analytics and AI implementation.

Overall, I would rate the solution an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Recep  Alver - PeerSpot reviewer
Cyber Security Engineer at Natica IT Consulting at Natica IT Consulting
Real User
Top 5Leaderboard
A user-friendly cyber defense solution with useful dashboards
Pros and Cons
  • "I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
  • "It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."

What is our primary use case?

Our customers use Darktrace to monitor network traffic.

What is most valuable?

I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good.

What needs improvement?

It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper. 

What do I think about the stability of the solution?

Darktrace is relatively stable.

What do I think about the scalability of the solution?

Darktrace is scalable. It's very good. We have two big banks in Turkey using this solution.

How was the initial setup?

The initial setup is straightforward. It takes me about half an hour to deploy this solution.

What about the implementation team?

We implement this solution.

What's my experience with pricing, setup cost, and licensing?

Darktrace is expensive. You can pay for the license yearly.

What other advice do I have?

I would recommend this solution to potential users. But the cloud solution is challenging to use in Turkey.

On a scale from one to ten, I would give Darktrace an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Darktrace
November 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
AdeelAgha - PeerSpot reviewer
Team Lead - Cyber Security & Compliance at Al Tuwairqi Group
Real User
Top 5Leaderboard
Easy to deploy, stable, and scalable
Pros and Cons
  • "The AI-based pattern is the most valuable feature."
  • "There is a high ratio of false positive information."

What is our primary use case?

The solution is used as an anti-phishing tool.

What is most valuable?

The AI-based pattern is the most valuable feature. The AI monitors users' patterns in how they draft and send emails, so if there is a change in the pattern the email is flagged.

What needs improvement?

There is a high ratio of false positive information. For example, AI capabilities can sometimes make it difficult to distinguish between a legitimate email and a phishing email. This is one of the features that need to be manually sorted out and aligned. We need to improve this feature by putting DNS into the micro.

For how long have I used the solution?

I have been using the solution for three years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and support?

The technical support team is good and they provide support on a priority level.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

The cost is moderate.

What other advice do I have?

I give the solution an eight out of ten.

Our organization chose Darktrace because of its phishing capabilities.

Darktrace is the best way to secure a gateway and I recommend the solution to others.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Pedro-Cunha - PeerSpot reviewer
Chief Information Security Officer at a consultancy with 201-500 employees
Real User
The solution's reports are intuitive and informative
Pros and Cons
  • "The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
  • "The level of tracking within the network from the transmission level up to the machine level can use improvement."

What is most valuable?

The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff.

What needs improvement?

The level of tracking within the network from the transmission level up to the machine level can use improvement.

The solution works similarly to an intrusion prevention system at the network level. It would be a nice improvement to have an add-on that can act at the post level.

The cost of the solution can be reduced to make it more appealing to customers.

For how long have I used the solution?

I have been using the solution for two and a half years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

The solution is scalable but costly to do.

How are customer service and support?

The customer support team is responsive and tries to resolve the issue proactively.

How was the initial setup?

The setup is straightforward and easy to integrate.

What's my experience with pricing, setup cost, and licensing?

The setup cost for the entry-level is pricy. 

What other advice do I have?

I rate the solution a nine out of ten.

It takes a team of five to maintain the solution.

This solution can reduce the resources required to run a security operation center by two-thirds.

The solution's reports are intuitive and informative.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Real User
Advanced Cybersecurity Artificial Intelligence, plenty of features, and impressive threat detection
Pros and Cons
  • "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
  • "In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."

What is our primary use case?

Darktrace is used for cybersecurity, you can buy it as a physical appliance or solution as a service on the cloud. I tried the on-premises solution to detect any threat over our network.

How has it helped my organization?

Darktrace played an important role in the security detection strategy by reducing the time lost in detecting, analyzing, and incident resolving. This is due to its friendly user interface that shows you in simple graphs and analytics the output for any log over your network whether it is computer, device, switch, access point, etc...

What is most valuable?

I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network.

There is an included library of threat detections, not only locally, but threats being experienced all around the world. It is similar to a database of all the threats and what is done by cybersecurity administrators across the internet. By collecting events and information all around the world makes Darktrace more proactive in dealing with threat notifications and cybersecurity detection. The service is very comprehensive and can cover all security areas.

It has simple tracking capabilities and a graphical interface that can assist you with coding, you do not need to be a guru. The dashboards are user-friendly and you do not need an application to access your work, it is all done through any browser. Additionally, there is a mobile application that is one of the best features because you can see any threats from your phone. There is a playbook that can give you instructions. For example, if you see your network servers are being injected by ransomware you can stop the session and be notified of which person on what computer triggered the threat.

The solution is very professional. Everybody would like to have an application on their phone to be more proactive about security anywhere and this solution delivers.

What needs improvement?

In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from. Since it is collecting all scenarios that might happen from any threat, new playbooks may be discovered and customers will have the privilege to use them in their environment. Other than that, Darktrace is leading in every aspect.

For how long have I used the solution?

I have been using this solution for one month.

What do I think about the stability of the solution?

Very Stable

What do I think about the scalability of the solution?

We have a number of employees using the solution in my organization which includes administrators and management.

How are customer service and technical support?

Technical support is excellent. You can communicate with them by sending an email, WhatsApp messages, or other types of communication. They have their support in many places around the world so what ever your time zone is, they are available.

The support you do receive is excellent.

Which solution did I use previously and why did I switch?

I have used other solutions previously but non had this intelligence,

How was the initial setup?

The installation is very easy. I was shocked by the simplicity of the management, implementation, and dashboards. 

What about the implementation team?

I have implemented it using Darktrace Team who were very professional.

What's my experience with pricing, setup cost, and licensing?

The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want. There is some flexibility, for example, if you only want to have email inspections, network inspections, endpoint inspections, or brief analytics of the reports and controls over your infrastructure, can reduce the prices accordingly. Not choosing all the features can reduce the price. When comparing this solution to competitors in the market it is expensive. However, you are paying for a valuable solution with plenty of features. Their artificial and cyber intelligence is working extremely well. I am a consultant and work with a variety of solutions by myself, attend training, and understand people who are working with these solutions.

I need to know the advantage, disadvantages, weaknesses, and what makes the solution better than the others. Darktrace proves at some point that the value of money you are paying for the solution is reasonable for the advanced technology you are receiving as it covers many solutions that can cost much  much more than darktrace where as i you bought Darktrace you reducing all the complexity to one simple solution. 

Which other solutions did I evaluate?

I have evaluated many other solutions.

What other advice do I have?

My advice to those wanting to implement this solution is if they want to experience artificial intelligence, advanced cybersecurity, and high-level detection, this solution is the one. 

I rate Darktrace a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Chiefopof576 - PeerSpot reviewer
Chief Operating Officer at Winstarbel Communications Limited
Reseller
Quickly identifies threats and has good stability
Pros and Cons
  • "What I like about Darktrace, is that you can quickly identify threats."
  • "The program is quite expensive."

What is our primary use case?

Our primary use case of this solution is for endpoint data and we've had good results with Darktrace.

What is most valuable?

What I like about Darktrace is that you can quickly identify threats. I did a trial where I injected a small malware to see how long it takes for the program to identify it and to see that there is an anomaly. The response was good and it took the program less than a minute to detect it. The fast response time is definitely a plus.

What needs improvement?

The pricing is based on the number of endpoints, so the program is rather expensive. I would like to see something that will fit my clients' budget. That is something they can work on to improve.

Secondly, I would like to see my entire network, structurally and architecturally, on a single screen or in one single dashboard. Right now you have to keep going through different clippings to see everything.

For how long have I used the solution?

I've been using Darktrace for three months now.

What do I think about the stability of the solution?

The solution is stable enough for what we use it for.

What do I think about the scalability of the solution?

We haven't been using the program long enough to know how scalable it is. I also know that it will depend on the amount of traffic on your server. But I saw in the demo that it can scale up to thousands and thousands of endpoints. 

How was the initial setup?

The initial setup was quite straightforward but it gets harder if you have a lot of traffic on your server. With the right knowledge, you would be able to work around that with ease and do the configuration yourself. Because it's more deployment, so it's not that complex so far. I may have to contact their technical team once we get a bigger deployment.

Which other solutions did I evaluate?

We evaluated several other options like McAfee. One reason why I chose Darktrace, in the end, was because of the difference in price, what we intend to achieve with the program and other costs. 

What other advice do I have?

My advice to others is always to keep an open mind and to find out as much as you can about the program to see if it offers what you are looking for. I rate Darktrace eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Chief ICT Officer at Barbados Public Workers Cooperative Credit Union Ltd
Real User
Top 5Leaderboard
Helps us with network traffic visibility
Pros and Cons
  • "I am impressed with the product's ability to give insights into network traffic."
  • "I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."

What is our primary use case?

The tool offers us visibility into network traffic. 

How has it helped my organization?

The tool gives us alerts whenever an admin is trying to connect.

What is most valuable?

I am impressed with the product's ability to give insights into network traffic. 

What needs improvement?

I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint. 

For how long have I used the solution?

I am using the product since September. 

What do I think about the stability of the solution?

The solution is stable. 

How was the initial setup?

The tool's deployment is easy. 

What's my experience with pricing, setup cost, and licensing?

The tool's pricing is costly. 

What other advice do I have?

I would rate the tool a nine out of ten. You need to use the tool on a trial basis so that you can get comfortable with it. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Project Co-Ordinator at Ministry of Innovation, Science and Smart Technology
Real User
Excellent AI and machine learning functionalities for reviewing and predicting network attacks
Pros and Cons
  • "Artificial intelligence and machine learning functionalities are valuable."
  • "Getting logs from different sources can be a challenge."

What is our primary use case?

Our primary use case of this solution is for visibility. We try to get the global view of our network from an audit perspective on any given day, and figure out how that will impact our business. I'm a project coordinator and we are customers of Darktrace. 

What is most valuable?

The primary feature we are using is the artificial intelligence and machine learning functionality for reviewing and predicting network traffic and network attacks. Although we're not yet fully using the product, I like the Antigena feature which is their proactive or reactive feature, depending on the deployed antivirus center. Darktrace is for people who understand network security very well, and who have probably been in that scene for quite some time. If you're inclined towards mathematical machine learning, artificial intelligence, and to some degree, data science, this is definitely a tool for you.

What needs improvement?

It's sometimes a challenge getting logs from different sources. I would probably want to see if there was a way to improve that, to enable gathering of more information.

For how long have I used the solution?

We've been using this solution for close to four months. 

What do I think about the scalability of the solution?

Full deployment took around two weeks, mainly because the solution takes a little time to learn about your network.

How are customer service and technical support?

The technical support is excellent. They walk you through the process and do a great job. 

How was the initial setup?

The initial setup was quite simple; plug in two or three cables, they give you the requirements that you need and off you go. The configuration and learning how to tweak it is a little more complicated and involved, but the initial setup was easy. Deployment took around two to three weeks because the solution sat on the network for about 14 days doing some variable analysis and trending.

What other advice do I have?

It's a good solution. I would suggest that if it's suitable for your requirements, get it. 

I would rate this solution a nine out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros sharing their opinions.