Vectra AI Reviews

Our company is in the retail arena, and we have stores, warehouses, and a data center. Right now, we're using Vectra AI in our offices and the data center. The major issue we had was that we were completely blind inside our data center in terms of seeing what traffic we had. Our main focus with Vectra AI was to see what's happening inside the data center through virtual sensors.

We're going to expand it to include our stores because the franchisees requested that we monitor the networks in all of the stores. Every shop in our company is a franchise, and they can do whatever they want to in their shops. We won't have any idea as to what's on the network in the shops. By using Vectra AI, we will have visibility into the network.

We have started the proof of concept for our warehouses as well.

We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force.

The platform is well-designed around the quadrant. We know quickly how to investigate, and the detections are clear. I like Vectra AI's integration with Active Directory and the fact that it's easy to take in hand.

We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough.

In the next release, I would like to see more triage choices. From my point of view, Vectra is missing a lot of choices. This is an area that they could focus on.

Vectra is also moving to a full cloud model, and I am not sure if going full cloud and leaving the on-premises environment is the way to go. We are not sure whether we'll move to the cloud with Vectra because it's hosted by AWS, which is one of our competitors. We don't like to work with anything that works on AWS.

We did a proof of concept two years ago and then deployed it in March, 2022.

We've had issues with stability. Vectra said that they underestimated the power we needed on our brain as it's very slow. We have delays that can be up to 40 seconds. We also had a hard drive that died. In one year, we've experienced three major issues.

We have different types of deployment that impact scalability a lot. The good part is that if we want to see everything that gets into the data center, we only need a single sensor in the data center. However, if we want to go in-depth in every store, then it will be a long process because we'll have to deploy thousands of sensors.

Right now, our license is for 10,000 IPs, and we hope to increase it to 110,000. If we deploy Vectra AI in the warehouse as well, we will need 25,000 extra. When we upgrade the brain server, Vectra AI should be able to scale accordingly.

When I contacted technical support, they usually take control of my laptop for an hour or more, and I can't do anything during that time. They do not explain anything and mute themselves for an hour or more. I don't know what they're doing or if they're even working on the issue.

However, they have been proactive because they know we have issues with our brain. If I have a bug, I've noticed that they usually respond quickly.

Thus, on a scale from one to ten, I would rate technical support at six.

Neutral

I've done four deployments in total, and Vectra AI is easy to deploy. On the admin interface, it's also easy to set up the integration with EDR.

It is an expensive solution, but it's not the most expensive we've seen. We also know how much we're going to pay, unlike with some other providers where all of a sudden our license explodes.

We will probably need to deploy over a thousand physical sensors. This means that the cost will automatically go up to millions. They do not sell the smallest sensors that they had in the past, which we would be glad to have right now.

We looked at ExtraHop, a VMware NDR solution, Carbon Black, and a solution from a French organization.

Carbon Black is oriented around VMware products. As such, it would have been okay for the data center, but we would have had to upgrade the entire physical infrastructure inside the data center. It would have been very expensive, and thus, we eliminated Carbon Black. The French competitor was eliminated because the solution was a few years behind.

We then talked with Vectra AI and were happy with what they offered us. We spoke with other companies that use it and found out that they were happy with it. Thus, Vectra AI got the opportunity to do the proof of concept.

Overall, I would rate Vectra AI an eight out of ten.

Vectra AI is an NDR tool, and my company is using it for security and insider threat detection purposes.

What I like best about Vectra AI is that it alerts you about suspicious activities.

An area for improvement in Vectra AI is reporting because it currently lacks some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers.

Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical.

I've been using Vectra AI for two years now.

Vectra AI is a stable tool.

Vectra AI is a scalable tool.

My company has a dedicated support team for Vectra AI, so I have the support team's direct contact number and WhatsApp number.

The technical support is excellent, so my rating is five out of five.

The initial setup for Vectra AI wasn't that complex. It won't take long if your environment is ready, with all required ports open. Setting up Vectra AI would be easy.

We implemented Vectra AI together with their technical support team.

My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector.

I'm the admin of Vectra AI, a tool implemented in my company.

The tool was updated three or four months ago, but I'm unsure if I have the latest release.

My company has two SOCs in different areas, so all SOC analysts log in or use Vectra AI, with the alerts forwarded to Splunk. One person is the admin in-house, but he works with support because the tool is customized for my company, as any command can't be run in Linux.

I'd recommend Vectra AI to others looking for an NDR solution.

Vectra AI is excellent for NDR purposes, in general. I'm rating it as ten out of ten based on my experience because I'm investigating the Vectra AI alerts. It triggers alerts for suspicious activities, so it's an excellent tool.

We have a basic Vectra environment because we mainly only use the NDR for the solution's options. We do mainly filled logins, anomalies, and network flow monitoring.

Vectra AI helped improve our mean time to identify by allowing us to have visibility and reveal some hidden or unknown things.

Vectra AI has had a positive impact on the productivity of our SOC team which is an external party. It as well had a positive impact on our IT environment for detection purposes, adapting, and hardening.

The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable. That's because with the information we get out of Vectra, we know how to adapt and modify things in our network.

Regarding Vectra AI attack signal intelligence, it is providing us with information on how to adapt or protect ourselves against certain attack vectors. This feature is quite helpful.

I think Vectra AI's automation, reporting, and integration could be improved.

I have been using this solution for two years now.

It's stable as it performs as we expected.

If you have enough power or bandwidth to deploy another sensor, the scalability of this solution shouldn't be very complex.

I would rate the technical support of the Vectra AI solution a seven, on a scale from one to ten, with one being the worst and 10 being the best. The reason for this rating is that they always deliver what we expect and that's good enough for us. The reason that the rating is not a ten, is that we always need to let people improve themselves.

Neutral

I joined the deployment project at a later stage and I worked on deploying the sensors and tuning false positives and similar things. My experience when it comes to deployment was quite good as we had good hands-on engineers which is why the implementation went well. Our deployment was straightforward with our hands-on approach.

When it comes to ROI, in certain places we saw the return and in certain places we didn't. When it comes to security investments and tooling of security, the return on investment takes a bit longer and you always see your investment back. At one point something will happen and you will start using the tool for the reason you bought it.

Before Vectra, we didn't have any feasibility of our network net flow, so this solution gives us a better view of what has been happening on our network and this is what we're trying to solve by implementing Vectra.

We are not using the flood detection response platform.

We are not using Vectra MDR services.

Overall, I would rate this solution a seven, on a scale from one to ten, with one being the worst and ten being the best.

We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities.

The solution's weekly reports needed to have more explanations. However, we needed more explanations because the reports provided were mainly statistical. We were looking for more analysis and insights.

I have been working with the product for less than a year. 

The initial setup was pretty straightforward. 

The solution's pricing was 50 percent lower than the other vendors shortlisted. 

I wouldn't recommend the product to others. We are moving away from it. I rate the overall solution a six out of ten. 

As an end user, I do not have to commit manpower to manage Vectra since most of their use cases are managed by them. It's a hands-off kind of deployment.

The deployment is hands-off, which means it saves us manpower resources since Vectra manages the use cases.

Most of their use cases, including deployment, are managed by the tool itself, requiring less manual input from our team.

Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources.

I have been working with Vectra for one or two years.

It's pretty good with no major issues.

The support is quite reliable depending on the service engineer assigned. I would rate them between eight and nine.

Positive

We are also working with Darktrace.

The setup is generally straightforward.

Vectra is cheaper in terms of pricing and features compared to Darktrace.

Vectra was compared alongside Darktrace.

Vectra serves its purpose well and does not require much manpower for updates.

I'd rate the solution eight out of ten.

I'm managing the solution. I work in the infrastructure, so I install, reinstall brains and collectors.

It's very easy to manage. We don't have any issues with the Vectra service. It's completely painless. It's a good product.

It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it.

There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack.

I've been using this solution for two years.

We didn't have any issues so far.

We deployed some brain instances, and everything was smooth. We are a big enterprise, and its scalability hasn't been an issue.

Two months ago, we had a small incident, and we used their technical support. A colleague of mine interacted with them, and it was perfect. It was done flawlessly, and everything worked. I'd rate them a nine out of ten.

Positive

We didn't use any similar solution previously.

It's quite easy. Compared to other products, its implementation is very easy.

We managed the deployment. We managed the team that implemented the solution. I've had only a few interactions with them, and every time, it was perfect.

We have not seen an ROI yet because we have just implemented and started to use it. 

I was remotely involved in its evaluation. We tried to create alerts, and Vectra always caught the attacks. Vectra was also easy to implement.

I'd rate Vectra AI a nine out of ten because there's always room for improvement.

I'm a SOC analyst, and I use Vectra AI to detect and respond to security incidents. My team manages the critical detections, and another team takes the low-priority detections. They also use Vectra to hunt for the system root.

We use the Threat Detection and Response platform, and it's quite good at detecting and responding to threats and attacks in real-time. I really like the UI experience because it's simple to use, and we get quite a lot of information very quickly.

Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution.

Another benefit that is unrelated to security is that it allows us to see misconfigurations or things that should not be happening in terms of compliance.

As SOCs, we concentrate on the OS side, and with Vectra AI, we can now see the network from an endpoint point of view. It gives us new alerts and does bring some work because we now have more visibility. However, it's opening up a wide range of things for us.

We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well.

I've been using this solution for six months.

From my point of view, Vectra AI's stability has been quite good. We have never had any issues.

On a scale from one to ten, I would give Vectra AI an overall rating of eight.

Our primary use cases for this solution are detection and then investigation afterward.

Vectra AI helped our team be more productive and save time. We have less work thanks to it.

We have not had any real threats so far.

Vectra AI helped improved our mean time to identify.

One of the things I am not so happy about when it comes to Vectra is the scoring board. 

In Darktrace, you can point or click on any client and see any connections that have been made directly in the dashboard. You don't have to go to recall. This is likely why Darktrace isn't as fast as Vectra, but it would still be nice to see this feature in Vectra. In addition, Darktrace has an advanced mode, but you are also able to see it directly in the main dashboard. This would be great to see in Vectra as well. 

We started implementing the tool around November. It is a step-by-step process for us because we have several locations and my team was not implementing it independently. We have another team that has to drive to the location. We finished the last location in mid-January.

Vectra AI is a stable solution. It works. 

Vectra AI's scalability is fine. We have a brain, we have a lot of centers, and the solution is easy to implement. Everything works.

The tech support is great. Whenever we had a problem, we got an answer immediately. This helps with having a general feeling that everything works in a solution.

Positive

We previously used a different tool, Darktrace. We used it for four years. The management told us to look for other tools. This was after we switched our main network hardware. We contacted Vectra and took the next step. We were just comparing different tools when we decided to go with Vectra. There were many different tools that were similar but we ultimately chose Vectra. Compared to Darktrace, Vectra's UI is much cleaner, there is less noise, and the performance is way better in the graphical interface. We get much fewer false positives. We also have to put less work into this tool, which is great for companies with small teams.

I was involved in the deployment from start to finish. It was fairly straightforward. The support we received was very good. When we had questions, they were answered immediately by the support engineer assigned to us.

I can't speak to whether or not we have seen a return on investment with this solution because we have not had any real threats so far.

As far as pricing goes, my only reference point is Darktrace. Their pricing is pretty even, which is a fair price.

We have not yet tested the whole tool in a penetration test. However, I would nonetheless give it at least an eight out of ten, with one being the worst and ten being the best. 

Right now, we have a good understanding of the UI and I know that there have been improvements to the visualization. The scoring redirects your focus to things that you should be looking at. The tool we used before Vectra was Darktrace. It was similar to where Vectra is heading now. With the scoring system, Vectra is a better solution.