The primary use case for Darktrace is for tracking intruders and alerting for network threats.
CTO at CyberSecur, Lda
Get a comprehensive view of your network and whatever is happening inside it in real-time
Pros and Cons
- "It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
- "It is a stable solution without downtime."
- "The pricing model is a little too high and could be more flexible."
- "The interface and dashboards could be improved for ease-of-use."
What is our primary use case?
What is most valuable?
The most valuable feature in Darktrace is that it gives me a comprehensive, detailed view of my network and whatever is happening inside it. It is a very good tool for me that helps me to remain aware of security vulnerabilities. I know what is happening on my network in real-time and it responds quickly. It is really very useful.
What needs improvement?
I am just a manager and I do not really have a technical viewpoint. The tool really suits me perfectly for now for all my basic security needs and what I expect it to do. It does not need any major changes right now to do what I need it to do. It is not missing anything.
If I am thinking about improvement, everything can be improved somewhat. Maybe the interface and dashboards could be better. I would be glad if they could make these easier from the point of view of management. It could save some time.
The price is also a little high and could be more enticing.
For how long have I used the solution?
We have been using Darktrace for about two years.
Buyer's Guide
Darktrace
November 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Darktrace is very stable. It provides 99.9% of our security needs and it does not have downtime. It is a very good, stable solution.
What do I think about the scalability of the solution?
We did not have the opportunity to test the scalability because our organization has not grown much over the period of time that we have been using the product. I think that scalability is built into the product, but for now, we have not experienced how scaling the product works firsthand.
What's my experience with pricing, setup cost, and licensing?
I am not so satisfied with the pricing model for Darktrace. The price is a little bit high compared to other solutions. The pricing model should be more flexible.
What other advice do I have?
On a scale from one to ten where one is the worst and ten is the best, I would rate Darktrace as an eight-out-of-ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
RSSI at SDIS49
A clever solution that spots problems that cannot be found by other solutions but it would benefit from having automation
Pros and Cons
- "The solution is stable. We've never had any problems with it."
- "The solution would benefit from automation. Currently, you have to know what you are searching for."
What is our primary use case?
Primarily we use the solution to spot problems that cannot be found by other solutions.
How has it helped my organization?
Darktrace has improved our knowledge of abnormal phenomenen which could have potentially be hazardous for the organization.You have to be vigilant with GDPR compliance rules in Europe
What is most valuable?
The most valuable aspect of the solution is that you can see all the process mistakes. You can see all the different types of unusualcsituations that you usually don't see in a traffic solution.
What needs improvement?
The solution would benefit from automation. Currently, you have to know what you are searching for.
For how long have I used the solution?
I've been using the solution for one month.
What do I think about the stability of the solution?
The solution is stable. We've never had any problems with it.
What do I think about the scalability of the solution?
The solution is scalable. So far, we have 12 networks done. We have about 500 users on it currently.
How are customer service and technical support?
I haven't had too much interaction with technical support. Technical support was in France but the experts were in England. It's good generally, but we haven't used the solution for too long.
Which solution did I use previously and why did I switch?
We didn't previously use a different solution.
How was the initial setup?
When you have an expert, the initial setup is easy, but if you do it on your own, it could be complex. Deployment takes at least a month.
Which other solutions did I evaluate?
We didn't evaluate another solution. We met the solution's team in Cannes for an IT meeting and decided to pursue discussions with implementation.
What other advice do I have?
We use the on-premises deployment model.
It's a quite clever solution. It has a lot of potential, but I'd advise those considering to hold off implementing the solution until after a newer version is released.
I'd rate the solution seven out of ten. If they added automation and included it in the price, I'd rate it higher.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Darktrace
November 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Team Lead Manager with 501-1,000 employees
Gives us visibility of rogue network traffic, prevents data exfiltration, good technical support
Pros and Cons
- "The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
- "This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
What is our primary use case?
We use Darktrace for security, and to give us better visibility.
How has it helped my organization?
If a user is exfiltrating data, normally we don't have the tools to detect it. With Darktrace, it detects this data. Also, if there is any command-and-control then this solution will highlight that.
What is most valuable?
The most valuable feature is that it gives us visibility of rogue traffic that is on the network.
The detection capabilities are good.
What needs improvement?
This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious.
Integration with SOAR systems may be helpful, depending on the SOAR.
What do I think about the stability of the solution?
Stability-wise, Darktrace is very good. It runs in the background 24/7.
What do I think about the scalability of the solution?
The scalability is good because it covers our whole network.
We have 1,000 business and IT users and for our environment, the scalability is very good.
How are customer service and support?
The technical support is good. I would rate them an eight out of ten.
Which solution did I use previously and why did I switch?
We did not use another similar solution prior to Darktrace.
How was the initial setup?
The initial setup was very straightforward. It took approximately two months to complete the implementation and deployment.
What about the implementation team?
We used a consultant to assist us with the implementation.
One person is enough for the deployment and maintenance.
Which other solutions did I evaluate?
There may have been others that we looked at but this is the main one we evaluated.
What other advice do I have?
My advice for anybody who is looking into implementing Darktrace is to do a proof of concept first. Try to out because it's quite useful for providing visibility in the network.
Overall, this is a good product that seems to be working well.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
SOC Manager at Nais Srl
Good visibility, secure, with a variety of modules for investigating various behaviors
Pros and Cons
- "The platform has many modules, and each module examines a different situation in the behavior."
- "It's a very complex platform."
What is our primary use case?
Darktrace is a platform that is used to check all infrastructures. They check the compartmental in the network.
What is most valuable?
It is a very good platform for understanding what is going on in your network or in your environment because it checks all the activities. This is the same when I use activities on the device, server, network, and web, it checks it all.
The platform has many modules, and each module examines a different situation in the behavior.
What needs improvement?
It's a very complex platform.
For how long have I used the solution?
I have been working with Darktrace for approximately one year.
What do I think about the stability of the solution?
Darktrace is a stable product.
What do I think about the scalability of the solution?
It's a scalable platform.
How are customer service and support?
The technical support is not very good. I believe that the support must be very quick and operational. Support will need to grow in Italy, but I'm not sure about the other side.
What's my experience with pricing, setup cost, and licensing?
It's an expensive solution.
What other advice do I have?
While it is complex, and difficult to use, once you understand the correct way to use it, it's a very good platform. I would rate Darktrace a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Chief Operations & Information Officer at MineWorkers Provident Fund
Delivers as expected, provides good analytics around the real-time monitoring of our network, and has good reporting and reporting period
Pros and Cons
- "I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
- "One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
What is our primary use case?
We have Antigena on the email, and we also use the network monitoring capabilities. We are using the latest version of the Antigena Email and AI analytics platform.
What is most valuable?
I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities.
What needs improvement?
One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network.
For how long have I used the solution?
We have been using Darktrace for two years.
How are customer service and technical support?
There were a couple of times when we needed some of the expertise, and the guys were not available at the time when we needed them. Subsequently, they've managed to improve.
What other advice do I have?
In terms of our organization, we are a massive IT organization or financial services company. We've got a very small ITP, but we've got a lot of data. We are not sure about Darktrace in terms of its capacity to deal with huge data, but it is probably too early for me to give some sort of indication of what is not big.
At the moment, they are delivering on the set objective in terms of what I want to achieve as a CIO, and I'm quite happy with some of the deliverables that are coming through at the moment. In terms of what our requirements were and what we expect in terms of what we want them to deliver, they have delivered. Within the next two to three years, I would probably be able to provide a different perspective after we've matured within the Darktrace environment. At the moment, they've delivered the actual scope of work. There is nothing really that they're not delivering on as promised. So, at the moment, I'm quite happy with where we are.
I would rate Darktrace a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Support Engineer at CCTZ
Secure, beneficial unusual email detection, and high availability
Pros and Cons
- "The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
- "Darktrace could improve its features, such as monitoring and detecting ransomware."
What is our primary use case?
Darktrace is used for network security.
How has it helped my organization?
Darktrace has helped our organization be secure from network spam and attacks.
What is most valuable?
The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network.
What needs improvement?
Darktrace could improve its features, such as monitoring and detecting ransomware.
For how long have I used the solution?
I have been using Darktrace for approximately three months.
What do I think about the stability of the solution?
Darktrace is a stable solution.
What do I think about the scalability of the solution?
The scalability of Darktrace is good.
We have four companies that are using this solution.
How are customer service and support?
I have not used the support from Darktrace.
How was the initial setup?
The initial setup of Darktrace was simple. The deployment of Darktrace took approximately two weeks.
What's my experience with pricing, setup cost, and licensing?
I am using a demo of Darktrace for deployment and testing which is free.
Which other solutions did I evaluate?
My company chose Darktrace because it helped other companies that needed some help with metrics monitoring and spam monitoring.
What other advice do I have?
I would recommend this solution to others.
I rate Darktrace a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Head of Security at DFCC
Stable security solution that offers behavioral analytics for the monitoring of traffic
Pros and Cons
- "The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
- "The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved."
What is our primary use case?
We are a financial Institute and make use of the IDS solution. We have the SIM called QRadar. We analyze all the traffic clouds with Darktrace and SIM.
What is most valuable?
The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic.
What needs improvement?
Sometimes the solution gives some false positives which could be improved. The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved.
For how long have I used the solution?
I have been using this solution for three years.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution.
How are customer service and support?
The technical support is very good but we would like to get some information from APAC because we are in APAC region.
Which solution did I use previously and why did I switch?
We considered McAfee and other solutions but based on budget and features, we decided to go with Darktrace.
How was the initial setup?
The initial setup is straightforward and so is the maintenance.
What about the implementation team?
The deployment was done in-house.
What other advice do I have?
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network Security Engineer at Social Security Commission
Antigena feature offers immediate and helpful response
Pros and Cons
- "I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
- "The interface is too mathematical and it should be simplified."
What is our primary use case?
Darktrace makes up part of our security solution and it is able to operate without intervention from IT staff. Antigena feature for automatic response is awesome.
How has it helped my organization?
You can have a one-person IT team and with Darktrace, you can get notification of potential threats that are incoming or are already happening on the network.
What is most valuable?
I like the Antigena feature in Darktrace, as it offers immediate response and is helpful.
This product collects more data than your traditional type of software, which is useful for us.
Darktrace picks up anomalies as soon as they arise.
What needs improvement?
The interface is too mathematical and it should be simplified. If you are a seasoned user then you would know where to go, but you have to learn it first. The terminologies being used are mostly numbers. In general, it could be more user-friendly. The GUI can be more simplified and the sections on the interface can be better organised. Usability and visibility of features can improve the skills of administrators and the product will be a preferred solution and ratings will increase.
For how long have I used the solution?
My experience with Darktrace is short because we are just implementing it now.
What do I think about the stability of the solution?
The stability of Darktrace is fine.
What do I think about the scalability of the solution?
We do not intend to scale. Scalability is more of a contract issue that comes into play if you want to add nodes to the system. We are opting for a specific number of nodes or endpoints, which we would be able to keep for quite a number of years. I don't expect that we will expand that much, so scalability should not be an issue.
How are customer service and support?
We have been in contact with technical support using different platforms. We have dealt with them using Microsoft Teams, Zoom, WhatsApp and via email.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
No
How was the initial setup?
The initial setup was quite simple and straightforward, taking about an hour to complete. After that, the port modeling took perhaps an hour or two.
What about the implementation team?
Vendor Team
What's my experience with pricing, setup cost, and licensing?
If you consider the features and the cost of market leaders, we are satisfied with the pricing.
Which other solutions did I evaluate?
Snode
What other advice do I have?
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Extended Detection and Response (XDR) Email Security Intrusion Detection and Prevention Software (IDPS) Network Traffic Analysis (NTA) Network Detection and Response (NDR) AI-Powered Chatbots Cloud Security Posture Management (CSPM) Cloud-Native Application Protection Platforms (CNAPP) Attack Surface Management (ASM) AI-Powered Cybersecurity PlatformsPopular Comparisons
CrowdStrike Falcon
Wazuh
SentinelOne Singularity Complete
Cortex XDR by Palo Alto Networks
Vectra AI
Trend Vision One
Cynet
Rapid7 InsightIDR
NetWitness NDR
Stellar Cyber Open XDR
Fidelis Elevate
LogRhythm UEBA
Adlumin Cybersecurity
Bitdefender GravityZone Extended Detection and Response (XDR)
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
- Which is better - SentinelOne or Darktrace?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- How does Crowdstrike Falcon compare with Darktrace?
- What is the best EDR or XDR product for a company with 9000 employees?
- When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
- How do you decide about the alert severity in your Security Operations Center (SOC)?
- Which is better for Endpoint Security: EDR or XDR solutions?
- What are the main differences between XDR and SIEM?