Darktrace Reviews

We use it to deploy to enterprise customers to provide them with a complete, reliable and intelligent threat detection and response system.

It helps us to reliably serve our customers with quick deployment of a durable, effective and intelligent product.

The most valuable part of the product is the whole package. The features included in the Enterprise Immune System are complete and effective. Its detection engine is ridiculously good.

It is hard to really address what needs to be improved in the respect that it does everything I would expect of a superior solution. It is simple enough to use because the interface is quite simple, the setup is quick and painless — in only an hour the product is installed. Users can train on the system in less than three hours. When the configuration is complete they will already know what to do and they can just go on and use the product.

I think that the price is quite good compared to other, similar products. They already have a plugin that you can use to set up integration with virtually any other product. 

Maybe it could come with a few more built-in integrations, such as adding ServiceNow. They already have built-in integration with Antigena Cyber AI Response Modules for the clouds and for the network (AWS & Azure), and they did Office 365 (email), and SaaS applications as well.

I guess a few more options and opportunities like this built-in would be nice. It is not a big thing.

The stability of the product is really very good. Clients who have had us do the implementations say it is fantastic after they've tried it.

The product is definitely scalable and can grow with your enterprise business.

In terms of customer support, it is really rare that you need them to do anything because the product is really good. You turn it on and it just works. Really anyone can run it. So a level ten tech, a level five tech or a level one tech can use it. It makes everyone competent. It's like driving an automatic car because the gears shift for you. You still have to be a good driver and take the wheel and press the gas. But you can switch it back to manual if you want a different level of control. It's up to you. But everybody with different skill levels and different purposes for the deployment can use it.

When we have contacted the technical support they have been very good.

It's simple enough to install and it does exactly as the product says: "installed in about an hour." With only an hour to install initially and with being able to train people to use it in just a few hours, it is very quick to do the initial setup. Very straightforward. It's a jog in the park. 

Normally, once you deploy, for a normal site it's about two weeks time to set up configurations for the network, but then it is optimized and processing even faster. It's faster with fewer features and, usually, I use is about half of what it is capable of doing based on the client need. And once you do that configuration, you're ready to go. All that in less than two weeks and you can start getting threat intelligence reports from the network with intelligent tools. It's fantastic.

We are the ones who do the implementations and we have done many, so we are very good at it.

Our return on investment is as a reseller and consultant because we make returns on servicing the customers.

I think that the price is quite fair and very good for this type of product and the features that the product provides. 

My advice to people and organizations considering this as a solution is: go buy it. They shouldn't waste their time fussing and looking around at other solutions. It works. I've done administrating for several years, and this is the one solution that works. It complements what you have, whatever that is. It is like a plug-and-play component. There is no solution that does what it does. You even have some excellent systems like Cisco's Stealthwatch — these are just the three packet analysis technologies. Darktrace is actually DPI (Deep Packet Inspection), which in my markets is now called the threat level buttons. It is really an advanced product and everything just works ridiculously well.

If I had to rate the product on a scale of one to ten (ten is the best) I'd give it an actual ten. It is the only product I use that I would give a full ten. It's hard to achieve a ten as you have to be better than everything and everyone else. It does deliver on what it says it can do.

The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff.

The level of tracking within the network from the transmission level up to the machine level can use improvement.

The solution works similarly to an intrusion prevention system at the network level. It would be a nice improvement to have an add-on that can act at the post level.

The cost of the solution can be reduced to make it more appealing to customers.

I have been using the solution for two and a half years.

The solution is stable.

The solution is scalable but costly to do.

The customer support team is responsive and tries to resolve the issue proactively.

The setup is straightforward and easy to integrate.

The setup cost for the entry-level is pricy. 

I rate the solution a nine out of ten.

It takes a team of five to maintain the solution.

This solution can reduce the resources required to run a security operation center by two-thirds.

The solution's reports are intuitive and informative.

Darktrace just scans the entire network and documentation. We then automatically evaluate which behaviors are normal and which are not normal. You can determine what possible risks are in the network.

The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network.

You don't need a human operator to be involved. The tool can operate by itself... By itself. That's the best and the most important feature because that reduces the amount of time that a person needs to spend on the tool.

The solution is powerful and very useful, it has the ability to avert many attacks.

The tool does almost 95 percent of the work and you only need to run some features to obtain reports.

The module can improve so that every time it's more intelligent.

I have been using Darktrace for approximately three years.

The stability of Darktrace is good.

Darktrace is a scalable solution.

The support from Darktrace is very good, it is perfect.

Darktrace is installed in an appliance and that appliance is installed in the network. 

We have one engineer that does the maintenance of Darktrace. They do the implementation and scanning of the network.

The solution does not require a lot of maintenance, it does most of the operations automatically.

We provide technical services.

The cost of the solution is expensive for smaller businesses. They will not be able to afford it or might not need this type of security solution.

The license is by device,  if you have 1,000 devices, then the cost is going to be high.

My advice to others is for them to try to determine what are their costs in security. Then they can determine the benefit of Darktrace. They need to first acknowledge what their costs are and then they can start pricing what solution would be best.

I rate Darktrace a ten out of ten.

We use Darktrace for security, and to give us better visibility.

If a user is exfiltrating data, normally we don't have the tools to detect it. With Darktrace, it detects this data. Also, if there is any command-and-control then this solution will highlight that.

The most valuable feature is that it gives us visibility of rogue traffic that is on the network.

The detection capabilities are good.

This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious.

Integration with SOAR systems may be helpful, depending on the SOAR.

Stability-wise, Darktrace is very good. It runs in the background 24/7.

The scalability is good because it covers our whole network.

We have 1,000 business and IT users and for our environment, the scalability is very good. 

The technical support is good. I would rate them an eight out of ten.

We did not use another similar solution prior to Darktrace.

The initial setup was very straightforward. It took approximately two months to complete the implementation and deployment.

We used a consultant to assist us with the implementation.

One person is enough for the deployment and maintenance.

There may have been others that we looked at but this is the main one we evaluated.

My advice for anybody who is looking into implementing Darktrace is to do a proof of concept first. Try to out because it's quite useful for providing visibility in the network.

Overall, this is a good product that seems to be working well.

I would rate this solution an eight out of ten.

I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user.

Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better.

It has been close to two months, and I am probably using the latest version.

It is definitely stable.

So far, we haven't had any problems. It is definitely scalable.

We don't have more than 12 people who use this solution.

I never had any technical support problems. It is up to the mark.

I have worked with Elastic SIEM and QRadar. Elastic SIEM is entirely different, so there is no one-to-one comparison. It is like comparing apples with oranges, but overall, Darktrace is quite interesting. A new user can easily learn it without much help.

I never did any setup. I'm just an end-user.

My advice is to always go for a PoC before implementing Darktrace. That's because Darktrace can get a lot of personally-identified information, which may not be a good thing for some companies. So, before going for this technology, you should do a PoC, and once everything is compliant with the rules and regulations of the company, you can go for it.

I would rate it an eight out of 10.

Darktrace is a platform that is used to check all infrastructures. They check the compartmental in the network.

It is a very good platform for understanding what is going on in your network or in your environment because it checks all the activities. This is the same when I use activities on the device, server, network, and web, it checks it all.

The platform has many modules, and each module examines a different situation in the behavior.

It's a very complex platform.

I have been working with Darktrace for approximately one year.

Darktrace is a stable product.

It's a scalable platform.

The technical support is not very good.  I believe that the support must be very quick and operational. Support will need to grow in Italy, but I'm not sure about the other side.

It's an expensive solution.

While it is complex, and difficult to use, once you understand the correct way to use it, it's a very good platform. I would rate Darktrace a nine out of ten.

Darktrace is deployed on our LAN, inside the network. No site, no internet, it's just for monitoring the LAN, local access network. It helps us to find a lot of threats inside the network. We are very happy with the solution. You don't need to have a lot of analysts with Darktrace who are making or following the incident. This solution helps you to send the notification and avoid threats.

The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7.

Firstly, the integration should be improved. 

In terms of what additional features I would like included in the next release of Darktrace, I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there.

We have been using Darktrace for three years.

In terms of stability, Darktrace is an excellent product.

Darktrace's scalability is very good. We have about 1,200 users on it currently.

Their technical support is excellent.

We have more than an SOC, a security operation center, so we switched to Darktrace because they use artificial intelligence and they are more sophisticated in preventing threats.

The initial setup is straight forward. Deployment took one day.

We implemented with a consultant. It required two people.

Our ROI as a result of Darktrace is excellent. The return of the cost of the solution for preventing threats is very good.

Darktrace is expensive, but its results are invaluable.

Because of all it does, Darktrace is a very good solution, and it doesn't take a lot of time to implement and to get results. You can learn the behavior of the network and take actions, not based in signatures. I think this is very, very good.

On a scale of one to ten, I would give Darktrace a nine.

We are a system integrator and we pose solutions, including this one, to our clients.

It is mainly used to reinforce response capabilities with respect to network security.

I find it very good in the way that they show the past events, including the attack history. You are able to visualize all of the attack paths and connectivity to see what's happened.

The GUI interface is very good.

They are using the best machine learning and AI at the moment.

The need to simplify the analysis from a user perspective. In a few cases, you have to be a specialist in order to understand what's happening. It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.

I was been working with Darktrace for two years.

Stability-wise, we have not had any issues and it has been quite good.

We haven't had any trouble with scalability.

We have had contact with technical support and help was quite straightforward. Our feedback for them is good.

We work with a variety of products in the security space including Darktrace, Splunk, Elastic, and others.

The initial setup is really simple. This product is normally deployed as an on-premises appliance and it normally takes less than one day. It depends on how complex the network is, but it's usually quite simple.

Our customers feel that the price of Darktrace is quite high compared to other solutions. However, I feel that they are one of the top solutions in this space and they want to be paid for that.

They are currently working on improving their interface by including AI to help simplify things, but it does not work on real-time data. Rather, it works on historical events.

This is definitely a product that I can recommend, although I would probably be using it together with a SOC service or somebody else who can manage it properly.

I would rate this solution a seven out of ten.