Darktrace makes up part of our security solution and it is able to operate without intervention from IT staff. Antigena feature for automatic response is awesome.
Network Security Engineer at Social Security Commission
Antigena feature offers immediate and helpful response
Pros and Cons
- "I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
- "The interface is too mathematical and it should be simplified."
What is our primary use case?
How has it helped my organization?
You can have a one-person IT team and with Darktrace, you can get notification of potential threats that are incoming or are already happening on the network.
What is most valuable?
I like the Antigena feature in Darktrace, as it offers immediate response and is helpful.
This product collects more data than your traditional type of software, which is useful for us.
Darktrace picks up anomalies as soon as they arise.
What needs improvement?
The interface is too mathematical and it should be simplified. If you are a seasoned user then you would know where to go, but you have to learn it first. The terminologies being used are mostly numbers. In general, it could be more user-friendly. The GUI can be more simplified and the sections on the interface can be better organised. Usability and visibility of features can improve the skills of administrators and the product will be a preferred solution and ratings will increase.
Buyer's Guide
Darktrace
December 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
My experience with Darktrace is short because we are just implementing it now.
What do I think about the stability of the solution?
The stability of Darktrace is fine.
What do I think about the scalability of the solution?
We do not intend to scale. Scalability is more of a contract issue that comes into play if you want to add nodes to the system. We are opting for a specific number of nodes or endpoints, which we would be able to keep for quite a number of years. I don't expect that we will expand that much, so scalability should not be an issue.
How are customer service and support?
We have been in contact with technical support using different platforms. We have dealt with them using Microsoft Teams, Zoom, WhatsApp and via email.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
No
How was the initial setup?
The initial setup was quite simple and straightforward, taking about an hour to complete. After that, the port modeling took perhaps an hour or two.
What about the implementation team?
Vendor Team
What's my experience with pricing, setup cost, and licensing?
If you consider the features and the cost of market leaders, we are satisfied with the pricing.
Which other solutions did I evaluate?
Snode
What other advice do I have?
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director at Baverianvine
A great solution for threat detection that intelligently and immediately responds to attacks across your enterprise system
Pros and Cons
- "A simple, powerful AI solution that just does all the work for you when you turn it on."
- "It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
What is our primary use case?
We use it to deploy to enterprise customers to provide them with a complete, reliable and intelligent threat detection and response system.
How has it helped my organization?
It helps us to reliably serve our customers with quick deployment of a durable, effective and intelligent product.
What is most valuable?
The most valuable part of the product is the whole package. The features included in the Enterprise Immune System are complete and effective. Its detection engine is ridiculously good.
What needs improvement?
It is hard to really address what needs to be improved in the respect that it does everything I would expect of a superior solution. It is simple enough to use because the interface is quite simple, the setup is quick and painless — in only an hour the product is installed. Users can train on the system in less than three hours. When the configuration is complete they will already know what to do and they can just go on and use the product.
I think that the price is quite good compared to other, similar products. They already have a plugin that you can use to set up integration with virtually any other product.
Maybe it could come with a few more built-in integrations, such as adding ServiceNow. They already have built-in integration with Antigena Cyber AI Response Modules for the clouds and for the network (AWS & Azure), and they did Office 365 (email), and SaaS applications as well.
I guess a few more options and opportunities like this built-in would be nice. It is not a big thing.
For how long have I used the solution?
We have been deploying this solution for clients since 2017
What do I think about the stability of the solution?
The stability of the product is really very good. Clients who have had us do the implementations say it is fantastic after they've tried it.
What do I think about the scalability of the solution?
The product is definitely scalable and can grow with your enterprise business.
How are customer service and technical support?
In terms of customer support, it is really rare that you need them to do anything because the product is really good. You turn it on and it just works. Really anyone can run it. So a level ten tech, a level five tech or a level one tech can use it. It makes everyone competent. It's like driving an automatic car because the gears shift for you. You still have to be a good driver and take the wheel and press the gas. But you can switch it back to manual if you want a different level of control. It's up to you. But everybody with different skill levels and different purposes for the deployment can use it.
When we have contacted the technical support they have been very good.
How was the initial setup?
It's simple enough to install and it does exactly as the product says: "installed in about an hour." With only an hour to install initially and with being able to train people to use it in just a few hours, it is very quick to do the initial setup. Very straightforward. It's a jog in the park.
Normally, once you deploy, for a normal site it's about two weeks time to set up configurations for the network, but then it is optimized and processing even faster. It's faster with fewer features and, usually, I use is about half of what it is capable of doing based on the client need. And once you do that configuration, you're ready to go. All that in less than two weeks and you can start getting threat intelligence reports from the network with intelligent tools. It's fantastic.
What about the implementation team?
We are the ones who do the implementations and we have done many, so we are very good at it.
What was our ROI?
Our return on investment is as a reseller and consultant because we make returns on servicing the customers.
What's my experience with pricing, setup cost, and licensing?
I think that the price is quite fair and very good for this type of product and the features that the product provides.
What other advice do I have?
My advice to people and organizations considering this as a solution is: go buy it. They shouldn't waste their time fussing and looking around at other solutions. It works. I've done administrating for several years, and this is the one solution that works. It complements what you have, whatever that is. It is like a plug-and-play component. There is no solution that does what it does. You even have some excellent systems like Cisco's Stealthwatch — these are just the three packet analysis technologies. Darktrace is actually DPI (Deep Packet Inspection), which in my markets is now called the threat level buttons. It is really an advanced product and everything just works ridiculously well.
If I had to rate the product on a scale of one to ten (ten is the best) I'd give it an actual ten. It is the only product I use that I would give a full ten. It's hard to achieve a ten as you have to be better than everything and everyone else. It does deliver on what it says it can do.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Buyer's Guide
Darktrace
December 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
CEO at VERINET
Provides great network protection, is innovative and flexible
Pros and Cons
- "Provides great network protection."
- "Needs to improve its collaboration with local partners."
What is our primary use case?
We are a consulting company and sell Darktrace to our customers. Our company is in West Africa. I'm the company CEO.
What is most valuable?
Darktrace can observe networks and respond to those observations. It provides great network protection, is innovative and flexible.
What needs improvement?
I think Darktrace needs to improve its collaboration with local partners. That would include training and improving the technical skills of vendors. Desktop and mobile device protection could also be improved.
For how long have I used the solution?
We've been selling this solution for two years.
What do I think about the stability of the solution?
The solution is stable.
How are customer service and support?
Our customers report that the technical support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is reasonably straightforward although the process requires some preparation beforehand. The size of deployment varies greatly, we've deployed in companies ranging in size from 200 up to 5,000 users.
What's my experience with pricing, setup cost, and licensing?
Licensing costs are expensive, although I think the high cost is partly a currency issue because we're based in West Africa.
What other advice do I have?
I rate this solution eight out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Security Operations Manager at a financial services firm with 5,001-10,000 employees
Good threat detection, and technical support and is reliable
Pros and Cons
- "Darktrace is very useful for us because it has a large number of models for detecting threats."
- "Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
What is most valuable?
Darktrace is a very good solution.
Darktrace is very useful for us because it has a large number of models for detecting threats.
What needs improvement?
There are numerous false positives.
Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler.
For how long have I used the solution?
I have been using Darktrace for three years.
What do I think about the stability of the solution?
Darktrace is very stable.
What do I think about the scalability of the solution?
Darktrace is easy to scale. It's a scalable solution.
How are customer service and support?
Technical support is good.
How was the initial setup?
The initial setup is difficult.
It took three or four months to deploy.
What other advice do I have?
People must first examine the network architecture in order to make the best implementation.
Darktrace is a very good solution, I would rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder and Director at a tech services company with 11-50 employees
Good detection capability and reduces our team's effort, but there should be more visibility at the endpoint level and less effort in fine-tuning
Pros and Cons
- "In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
- "In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
What is our primary use case?
I'm currently heading cybersecurity for 1,500 entities. Some of them have deployed Vectra, and some of them have deployed Darktrace. Darktrace has been in the UK market for a while, whereas Vectra is a not-so-old player in the UK market.
We are using the latest version of Darktrace but not their latest offering. They are now also providing email security over the Darktrace platform, but we have not been utilizing that. We have been utilizing their network detection and response and some part of automated incident response (IR) capability.
We have a hybrid infrastructure. Some centers are deployed in the cloud, and some centers are deployed on-prem. The management platform is currently on-prem, but the plan is to move it to SaaS.
What is most valuable?
In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra.
Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful.
What needs improvement?
In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort.
They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace.
It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing.
They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions.
For how long have I used the solution?
I have been using this solution for maybe six or seven years. At my previous workplace, we were one of the early adopters of Darktrace's unsupervised machine learning technology.
What do I think about the stability of the solution?
Its stability is fine. We are utilizing a mix of their deployment capability. We have appliance-based and sensor-based deployments. Performance-wise, sensor-based ones are slower than appliance-based ones. An appliance also has dedicated hardware.
What do I think about the scalability of the solution?
In terms of scalability, it is fine. We have deployed Darktrace for around 7,000 to 8,000 users for one part of an entity, and it has been working fine. I don't see any issue in terms of its scalability.
Currently, it has around 7,000 to 8,000 users, but it is getting extended. We are in the process of extending the Darktrace capability to other entities. We are talking about 1,500 entities and 120,000 users in different dispersed and segregated environments.
How are customer service and technical support?
They've been quite okay in their responses. This solution is definitely complex, so sometimes we don't get the expected level of information or answer straight away, but they have been okay in responding and following up. I would rate them a seven out of ten.
How was the initial setup?
From the initial deployment perspective, it was quite straightforward. We just need to make some configuration changes and then Darktrace works on spanning. It gets a copy of all the data from the network, and it starts building the profile. It has a pretty straightforward deployment.
What other advice do I have?
I would rate Darktrace a seven out of ten. It is a good solution, but it requires some improvements.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director Comercial México at Aubay
A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support
Pros and Cons
- "It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
- "It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."
What is our primary use case?
We deployed Darktrace for one of the biggest telecommunications companies in Latin America. It is deployed on-premise, but it is more like a service because we don't care about the appliances. Even though it works with appliances, it is more related to the services to the connections that the solution can handle. Because of that, it is on-premise, but it also has a component with sensors that works for remote instances, almost like a cloud solution.
Some of the clients, especially in the security area, think that this appliance will replace a firewall or a prevention system solution, but it doesn't replace them. It actually complements them because the firewall decides to allow or deny a connection, and a prevention system is designed to avoid any type of risks to the connection or intrusion on the network. Darktrace allows you to find the unknown threats inside the network and identify them by using some artificial intelligence. It can do all the tracking inside or outside the network.
It is connected directly to the core switch, and in the first stage, it probably takes about a month to learn the behavior of the network and the users. With that, it starts to know what type of information is correct inside the network, and what type of information probably would be a risky connection or risky data moving from one site to another. It then starts doing the alerting. After the first stage or the learning stage is complete, we can find the size of the network. The second stage is the use of a different model inside the solution called Antigena. It works like the antibodies inside our body. Once it detects something that is wrong inside the network, it not only does the alerting but also takes the decision to block that type of connection in order to avoid any information leak or any possible risky connection. If somebody is doing some data mining, it disables connection to the engine that is doing the data mining.
How has it helped my organization?
We have been giving results not only to the security or compliance area inside of a company but also to the legal department. If someone is doing something wrong in terms of compliance, they can take directly take action against the person or group doing that.
We also give results to the infrastructure people and the network people. Based on our experience, most of the customers don't really know the size of their network. With this type of solution, we can know the complete network. We can know the real size, and how many resources are connected to the network and the internet. For example, one customer said to us, "I only have 18,000 connections on the network." We did the sizing with 18,000, and when we started the deployment, this customer had one thousand and twenty hundred connections. They didn't realize that until we arrived.
What is most valuable?
It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports.
Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk.
What needs improvement?
It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace.
For how long have I used the solution?
I have been working with Darktrace for at least four years. I recommend and sell it to customers. A long time ago, I used to be a technical guy. Now I am on the sales side. Our technical crew and sales crew are certified for this solution.
What do I think about the stability of the solution?
For the past four years, I have only seen two crashes in two appliances. That was because the customer sent more traffic than what the solution or that specific appliance could handle. It was solved by using another appliance to do the appropriate balancing. The second crash was because it was a human error and somebody by mistake disconnected the cable and connected it to a different interface.
What do I think about the scalability of the solution?
It is very easy to scale. When you need more appliances to support the infrastructure, you can use them as LEGOS. In order to place them, the only thing that you need to have is a rack, and you can start connecting them to the switch, and that's it. Once that you have it on the main console, you just assign the role to every single appliance, and that's it.
We're very focused on big companies, but we also have medium customers. The reason why we don't sell it to the small companies is that this type of solution is very expensive for them to finance. So, probably the assets that they have are very important, but based on the budget that small companies have in Latin America, they cannot afford a solution like this.
How are customer service and technical support?
The support that we have in Latin America is very good. It is a very good company to work with. They have offices here. I would rate them a ten out of ten.
How was the initial setup?
It is very easy. The setup of the solution takes probably half an hour. The only thing that we need to place Darktrace on a customer site is a connection on the core switch with a mirror port. We need to have some space on the rack, and then we connect the appliance to the core switch, and that's it. We go back to the customer a week later to see what Darktrace is catching and start sharing with the customer our discovery inside the network.
The biggest deployment that we have done took about two months, but it was in 26 different sites. The main challenge was the transport. We had to take care of all the logistics to transport all the appliances and find the appropriate time to run all the appliances because most of the customers do not allow to rack them at any time. Therefore, it needs to be done at midnight when almost nobody is using the network. That was our main challenge, but it is very easy to set up.
What's my experience with pricing, setup cost, and licensing?
The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily.
What other advice do I have?
Over the past years, I have seen some customers say, "No, I have Endpoint protection. I have intrusion prevention. I have a firewall. I don't need anything like that." My advice is that first of all, open your mind to new solutions because this type of solution will catch everything that the rest of the solutions that you have won't catch. That's the first thing. The second thing is that do not limit the work of the people who work with Darktrace by saying that you know your network because we can assure you that you don't know your network and the threats that are inside and outside the network and the size of the network.
We always start with Darktrace Enterprise Immune System, which is the first model. The reason for this is that it is easier to adopt the Antigena model at the second stage because the solution by itself needs to learn inside of the network and what is good and what is bad. When we place Antigena, the deployment stages are exactly the same as when you first deploy the Enterprise Immune System in order to let it learn. After the solution starts learning, it will take at least a couple of months or probably three months to deploy Antigena. Therefore, it doesn't make sense to make customers spend more money on a solution in the initial stages and go for a solution that they would not be using initially. This also provides the appropriate sizing of the network. Most of the time, the customer needs to acquire more services from us in order to support all the infrastructure that they have.
I would rate Darktrace a ten out of ten. I am a very happy user and a happy seller of Darktrace.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Head of Cybersecurity Business Unit at S2E
Provides a visual representation of attack history, with a nice GUI, but the analysis could be simplified
Pros and Cons
- "I find it very good in the way that they show the past events, including the attack history."
- "It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
What is our primary use case?
We are a system integrator and we pose solutions, including this one, to our clients.
It is mainly used to reinforce response capabilities with respect to network security.
What is most valuable?
I find it very good in the way that they show the past events, including the attack history. You are able to visualize all of the attack paths and connectivity to see what's happened.
The GUI interface is very good.
They are using the best machine learning and AI at the moment.
What needs improvement?
The need to simplify the analysis from a user perspective. In a few cases, you have to be a specialist in order to understand what's happening. It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.
For how long have I used the solution?
I was been working with Darktrace for two years.
What do I think about the stability of the solution?
Stability-wise, we have not had any issues and it has been quite good.
What do I think about the scalability of the solution?
We haven't had any trouble with scalability.
How are customer service and technical support?
We have had contact with technical support and help was quite straightforward. Our feedback for them is good.
Which solution did I use previously and why did I switch?
We work with a variety of products in the security space including Darktrace, Splunk, Elastic, and others.
How was the initial setup?
The initial setup is really simple. This product is normally deployed as an on-premises appliance and it normally takes less than one day. It depends on how complex the network is, but it's usually quite simple.
What's my experience with pricing, setup cost, and licensing?
Our customers feel that the price of Darktrace is quite high compared to other solutions. However, I feel that they are one of the top solutions in this space and they want to be paid for that.
What other advice do I have?
They are currently working on improving their interface by including AI to help simplify things, but it does not work on real-time data. Rather, it works on historical events.
This is definitely a product that I can recommend, although I would probably be using it together with a SOC service or somebody else who can manage it properly.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Application & Security Specialist at a financial services firm with 1,001-5,000 employees
Easy to use with an intuitive dashboard, powerful AI, and inbuilt data packet analysis
Pros and Cons
- "The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
- "This is quite an expensive product so the pricing is something that can be improved."
What is most valuable?
Once installed, it starts picking up and learning the network very well because it's got a powerful AI integrated into it.
The user interface is very intuitive.
The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further.
This solution has some good features for customization in terms of how you're tagging your network, which basically makes it easier to identify what is actually happening. You can see where the traffic is going, where it is coming from, and that sort of thing.
Darktrace has quite a few inbuilt features such as its own packet analysis module, which is an offshoot of Wireshark.
This solution has some powerful APIs, although we do not use that functionality at the moment.
What needs improvement?
This is quite an expensive product so the pricing is something that can be improved.
For how long have I used the solution?
I have been using Darktrace for between two and three years.
What do I think about the stability of the solution?
We've seen no major problems between the master and slave devices in our architecture.
What do I think about the scalability of the solution?
Darktrace is definitely scalable. We started off with a single device monitoring a single site and we progressively added more sites with different devices in a master/slave architecture. The more we've added, we've had to re-think a little bit, but overall the scalability is excellent.
We have ten security analysts who are using this solution.
How are customer service and technical support?
The Darktrace technical support is very good.
Which solution did I use previously and why did I switch?
We started off with Darktrace. It was based on a decision from somebody in the business who had previously used it.
Personally, I have used a few other solutions and with respect to the interface, you probably couldn't get more intuitive than Darktrace.
How was the initial setup?
Darktrace is very easy to set up. Even our basic technical people are able to do it. It's almost like plug and play. There is some basic configuration to do, but it's nothing major.
I would say that most technical people can do the majority of the setup.
What about the implementation team?
We were granted access to all of the documentation and information from Darktrace, so we did the implementation ourselves. There may have been one or two areas that we had to go back to Darktrace directly to get clarification on, but there was no third-party partner or reseller involved.
What other advice do I have?
We're very pleased with Darktrace so it is a bit difficult to pinpoint areas for improvement. It covers all of our needs and from what I can see, it does the basics very well. There are many advanced features, also.
This is a solution that I definitely recommend. It offers a proof of value rather than a proof of concept, where they run the tool in your network, let it learn and then catch any vulnerabilities. Then you will actually see the value of the solution, either potentially blocking any exploitive threats or not, but its a really good thing to go through. To do this, I think that you have to go through an actual partner unless you're in a location where Darktrace has a physical office. In any event, I strongly recommend going through the proof of value to see if you like it. If there is a charge then it is definitely worth it.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Extended Detection and Response (XDR) Email Security Intrusion Detection and Prevention Software (IDPS) Network Traffic Analysis (NTA) Network Detection and Response (NDR) AI-Powered Chatbots Cloud Security Posture Management (CSPM) Cloud-Native Application Protection Platforms (CNAPP) Attack Surface Management (ASM) AI-Powered Cybersecurity PlatformsPopular Comparisons
CrowdStrike Falcon
Wazuh
SentinelOne Singularity Complete
Cortex XDR by Palo Alto Networks
Vectra AI
Trend Vision One
Cynet
Rapid7 InsightIDR
NetWitness NDR
Stellar Cyber Open XDR
Fidelis Elevate
Adlumin Cybersecurity
LogRhythm UEBA
Secureworks Taegis XDR
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
- Which is better - SentinelOne or Darktrace?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- How does Crowdstrike Falcon compare with Darktrace?
- What is the best EDR or XDR product for a company with 9000 employees?
- When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?
- How do you decide about the alert severity in your Security Operations Center (SOC)?
- Which is better for Endpoint Security: EDR or XDR solutions?
- What are the main differences between XDR and SIEM?