We use Vectra AI mainly for presentations.
Analyste SOC at LGM Group
Efficient, stable and improves productivity
Pros and Cons
- "It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
- "The rules for threats are not always precise and Vectra AI should improve this."
What is our primary use case?
How has it helped my organization?
It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI.
When it comes to Vectra AI helping our software's productivity, it has an effect because it's faster and that is quite important.
What is most valuable?
The feature I found most valuable is the recording because it's easy to analyze logs that I need to analyze.
What needs improvement?
The rules for threats are not always precise and Vectra AI should improve this.
Buyer's Guide
Vectra AI
March 2025

Learn what your peers think about Vectra AI. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.
For how long have I used the solution?
I have been using this solution for about eight months.
What do I think about the stability of the solution?
Regarding the stability of this solution, I would say that it is efficient. We've had only one issue in the past eight months with logs.
What do I think about the scalability of the solution?
My impression is that Vectra AI is a scalable solution and that is exactly what we need, which is great. We have around 1,500 devices currently.
What was our ROI?
I would say that we have seen an ROI with Vectra AI.
What other advice do I have?
We use the Threat Detection and Response platform, mainly for forensics. It's quite effective because it's easy to understand and everything is in real-time.
Overall, I would rate this solution an eight, on a scale from one to ten, with one being the worst and ten being the best.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Product Owner NDR at a tech vendor with 201-500 employees
The Recall feature enables us to use archived data to address current or active threats that may not have been detected
Pros and Cons
- "The core product provides excellent visibility, but my favorite feature is Vectra Recall."
- "Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the Visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra."
What is our primary use case?
I work as an analyst who determines how our services should be built and integrated. We use Vectra to address a lack of visibility in our client environments. The tool has the potential to solve problems in a few areas, with new features on the way. We're exploring ways to build our services on top of the Vectra platform.
We are considering the various integration options and how we can build a solid portfolio using this suite of products in future services. We have other tools like Palo Alto, and we hope to leverage our services on other platforms. There are several internal integration challenges that we need to examine.
How has it helped my organization?
Vectra gives my clients a sense of comfort. For example, in some of our cases last year, Vectra enabled us to understand each exploit's phases of attack, helping us to segment those phases. We knew how the phases were executed, so we could search for all those signs. It put the client at ease to know we could see signs of successful exploitation and demonstrated our value to them.
We're software clients building services on top of Vectra for our customers. It's crucial for us to get the alerts we need and decide which quarter should be our focus. We're still trying to navigate the solution, but we're getting closer to determining how we want to build our services. We know how to deliver the services, but there are nuanced ways we can improve. However, learning the cloud UI and new scoring models has been an adjustment.
What is most valuable?
The core product provides excellent visibility, but my favorite feature is Vectra Recall. It enables us to use archived data to address current or active threats that may not have been detected.
I have yet to see real-time attacks, and I'm the kind of person who needs hands-on experience. At the same time, they are triggering alerts on our regular scanning tools like Nessus. It triggers if they are noisy enough. Vectra's Threat Lab showcases this, but I need a case to work with to know from experience.
What needs improvement?
Vectra Recall could be utilized much more, and I'm seeing some indications of that today with the investigative components. I use the visualize feature to visualize components and dashboards a lot. I'm interested in new ways to build automated searches or having them leveraged already from Vectra.
For how long have I used the solution?
I have used Vectra AI for around a year.
What do I think about the stability of the solution?
Vectra AI is stable on the sensor side. It doesn't create a heavy maintenance burden on our team. There is a thin line between what we need to do and what our client needs to do. The client has an outsourcing partner doing things for them, and there aren't many issues with the detection platform. Recall sometimes goes down when we make too many queries, but it comes back up quickly.
What do I think about the scalability of the solution?
Vectra AI is highly scalable. Our clients vary in size, ranging from 400 IPs to massive deployments with upwards of 20,000 IPs. So it's just a matter of getting the initial scoping and what type of visibility you want to have.
How are customer service and support?
I rate Vectra customer support ten out of ten. They're excellent, and they'll find the correct answer even if they don't know it at first. We use tech support and the customer success team. They are top-notch and responsive to any suggestions we have as an MSP.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have some personal experience with one of Vectra's main competitors, but I won't mention them by name. I'm trying to go beyond all the marketing hype, and I have huge respect for both tools. As an analyst, I want to find the bad guys at the end of the day, and I've had good experiences with both. We have more experience with the other tool, and I'm comfortable detecting threats on both. They're equally capable in this field.
Vectra AI has advantages, including a more extensive list of attack and defense references. Vecta has better at-a-glance integration options with EDR tools like CrowdStrike. There are nuanced differences between the products, and one might be more suitable depending on your needs.
There are more dimensions than detection capabilities. It depends on the partner model and the market. Vectra covers many of those areas, and it's our primary vendor.
How was the initial setup?
Our platform team was responsible for implementing Vectra. The greatest challenge was getting the initial scoping a hundred percent correct. Sometimes the client comes from Vectra, and/or they come from us. The handover must be hundred percent because we know exactly what we will deliver. Existing and future clients need to ensure the scoping is perfect.
The scope is sometimes unclear and isn't apparent until you start. The scoping needs to be right for you to have a good deployment. You know your integration options and will connect X of these sensors.
Once the scoping is correct, everything else is straightforward for our team to implement.
What was our ROI?
I haven't gotten much feedback about the return on investment. Because nothing is happening yet, we need some reassurance that we can see when it does. We must feel confident that it will actively respond when something happens.
We can use Vectra to create visibility, like Microsoft coming out with end-of-life PCERPC integrations. We can help the clients even though it's not on the security operations team. You can utilize the network data once you have it and we can build the services to provide assistance above and beyond detection.
What other advice do I have?
I rate Vectra AI a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Vectra AI
March 2025

Learn what your peers think about Vectra AI. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.
Head of system and infrastucture at a government with 1,001-5,000 employees
It just gives us so much detail about the malware putting our environment in danger
Pros and Cons
- "Vectra AI is the best. It is a major product in our cybersecurity."
- "The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
What is our primary use case?
Our primary use case for this solution is network traffic analysis.
When we initially launched the solution, it gave us more detection compared to what we had before, but we needed more details in the field. However, once we added the Cognito feature, Vectra AI became an important solution in our environment. We now use it as a complete cybersecurity platform for detection, analysis, and referring security alerts. Vectra AI is the best. It is a major product in our cybersecurity.
What is most valuable?
The Vectra AI feature I find the most valuable is Cognito. It just gives us so much detail about the malware putting our environment in danger.
What needs improvement?
The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - we must work on response time. We have a small team so response time at the endpoint level is vital. At the network level, response time actually works with Vectra AI.
For how long have I used the solution?
We have been using Vectra for three years. This is the third year that it has been in our environment and we really want to continue with the solution.
How are customer service and support?
Vectra AI's tech support is very good. Like I said, we had a rough start with the solution because we did not have the necessary experience in year one. However, whenever we needed it, Vectra's tech support came through to help us out. They gave us the details we needed and always responded to our questions. We also received online training from them. We had an excellent experience with them.
How would you rate customer service and support?
Positive
How was the initial setup?
I was not involved in the initial deployment. I'm on the team in charge of monitoring our environment.
What about the implementation team?
We deployed the solution in our environment through a partner firm called IT Security.
What was our ROI?
We have seen a return on investment.
What's my experience with pricing, setup cost, and licensing?
I think the pricing structure is good compared to other products. The price is not too high and it's not too low. It is perfect.
What other advice do I have?
When we initially deployed Vectra, I was not working on it very much because I did not have very much experience with it. At that time, I was not happy with Vectra and was mainly using other solutions, like Splunk. However, as we learned more about how to use Vectra more effectively, we added additional features and made greater use of the dashboard. In year two, we started seeing Vectra as a tool for analyzing our network traffic. Right now, I think it is a good solution.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Network Engineer Security at a government with 51-200 employees
Generates only relevant information
Pros and Cons
- "Vectra AI generates relevant information."
- "Other alternatives, like Darktrace, have a fancier UI."
What is most valuable?
Vectra AI generates relevant information.
What needs improvement?
Other alternatives, like Darktrace, have a fancier UI.
For how long have I used the solution?
I have been using the product for two years.
What do I think about the stability of the solution?
Vectra AI is stable.
What do I think about the scalability of the solution?
The solution is scalable.
What other advice do I have?
I rate Vectra AI an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free Vectra AI Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Intrusion Detection and Prevention Software (IDPS) Network Detection and Response (NDR) Extended Detection and Response (XDR) Identity Threat Detection and Response (ITDR) AI-Powered Cybersecurity PlatformsPopular Comparisons
Darktrace
Splunk User Behavior Analytics
Palo Alto Networks Advanced Threat Prevention
Trend Micro Deep Discovery
Trend Micro TippingPoint Threat Protection System
Check Point IPS
Fortinet FortiGate IPS
Palo Alto Networks URL Filtering with PAN-DB
Cisco Secure IPS (NGIPS)
Cisco Sourcefire SNORT
Trellix Intrusion Prevention System
ExtraHop Reveal(x) 360
Proofpoint Identity Threat Defense
Zscaler Cloud IPS
Buyer's Guide
Download our free Vectra AI Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
- What is the biggest difference between Corelight and Vectra AI?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Intrusion Detection, what aspect do you think is the most important to look for?
- What is your recommended cost-effective solution to detect and prevent APT attacks?
- What product do you recommend for a Campus IPS appliance implementation?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- What are the pros and cons of Darktrace vs CrowdStrike Falcon vs alternative EPP solutions?
- Which alternative solutions (other than Darktrace) do you recommend for an SMB?
- Which is the best intrusion detection and prevention solution?
Good