Try our new research platform with insights from 80,000+ expert users

Abnormal Security vs Darktrace comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 2, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Abnormal Security
Ranking in Email Security
4th
Average Rating
9.4
Reviews Sentiment
7.5
Number of Reviews
11
Ranking in other categories
Secure Email Gateway (SEG) (3rd)
Darktrace
Ranking in Email Security
9th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
84
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), Extended Detection and Response (XDR) (6th), Cloud Security Posture Management (CSPM) (13th), Cloud-Native Application Protection Platforms (CNAPP) (11th), Attack Surface Management (ASM) (4th), AI-Powered Cybersecurity Platforms (4th), AI Observability (8th)
 

Mindshare comparison

As of January 2026, in the Email Security category, the mindshare of Abnormal Security is 5.9%, down from 6.5% compared to the previous year. The mindshare of Darktrace is 2.2%, down from 2.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Email Security Market Share Distribution
ProductMarket Share (%)
Abnormal Security5.9%
Darktrace2.2%
Other91.9%
Email Security
 

Featured Reviews

William Schellhaas - PeerSpot reviewer
Senior Director of IT at Crunch Fitness West Florida and Atlanta (CR Fitness)
Provides comprehensive email security management, effective in detecting a wide range of email threats
The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails. This means Abnormal Security would assess emails before they reach my inbox, even if it happens slightly after Microsoft's initial scan. Currently, the process isn't seamless. Microsoft analyzes emails and delivers legitimate ones to my inbox. Abnormal Security then scans these delivered emails, and if flagged as malicious, they disappear. This creates a problem for our ticketing system mailbox, which is a third-party service. Emails sent to the ticketing system address are automatically forwarded by Microsoft. However, if these emails are malicious, Abnormal Security only cleans them from my Outlook mailbox after they've been forwarded. Since we primarily rely on the ticketing system and not the Outlook mailbox, these malicious emails still reach the ticketing system.
AM
Technical Consultant - Unix Platform Services at BITS AND BYTE IT CONSULTING PVT LTD
Consistent threat hunting and anomaly detection deliver valuable insights for network security management
In terms of improvement for Darktrace, pricing is the main concern. Pricing bothers me and this is one of the major factors when choosing a solution. When we get feedback from customers, that's the only felt need. When we factor in Darktrace, we do it only limited. We put it on where the perimeters and connections are, but still, some gray areas are left out, especially if we have multiple branches. We need Darktrace on each branch to get the data out, and I suggest having some kind of a centralized product that gets data from multiple sources to aggregate and provide the data.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have never encountered any stability issues with Abnormal."
"It protects us from being business email compromised, which is invaluable for maintaining our security."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"Abnormal Security's AI capabilities are what we like most, as they can categorize and classify the emails, and based on the context of the email, understand if it's a graymail, a bulk mail, or a phish."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"It is very stable and easy to use."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"The active threat dashboard is the most valuable feature of this solution."
"Darktrace is valuable since it offers full packet capture and detailed metadata."
"The most valuable feature is that it works autonomously."
"The autonomous response is also highly designed in Darktrace."
 

Cons

"There could be more selectable options and more granular selections available."
"I would like to have the ability to customize the auto-remediation feature."
"There could be more selectable options and more granular selections available."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"For Abnormal Security as a product, I would say probably somewhere around a seven, as there are some other areas where they can improve to achieve a higher rating."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"The biggest pain point for us is the lack of support for on-premise email systems."
"The management dashboards and the meter dashboards should be more user-friendly and simple to use for easy management."
"I would like to see some additional enhancements."
"Getting logs from different sources can be a challenge."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"The solution's user interface and stability could be improved."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"Needs to improve its collaboration with local partners."
"I'd love them to see maybe covering the cloud a bit more."
 

Pricing and Cost Advice

"The license is based on the user count, so the number of users that have an email address in the organization."
"The pricing appears fair, and they demonstrate a genuine willingness to work with us on it."
"Abnormal Security, on the other hand, provides the same level of functionality for just over $60,000 – that's half the price!"
"Overall, we'd certainly prefer lower pricing, but Abnormal Security doesn't seem unreasonable compared to similar offerings in the market."
"The pricing is quite high, estimated at around $350,000 per year."
"It's an expensive solution."
"The cost is moderate."
"Our customers feel that the price of Darktrace is quite high compared to other solutions."
"The pricing is reasonable."
"When it comes to large installations, it can be expensive, but for small accounts it's fine."
"This solution is expensive."
"It is expensive."
report
Use our free recommendation engine to learn which Email Security solutions are best for your needs.
881,082 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
Computer Software Company
11%
Manufacturing Company
9%
Financial Services Firm
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise2
Large Enterprise8
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise19
Large Enterprise29
 

Questions from the Community

What do you like most about Abnormal Security?
The features that appeal to me most are the combination of auto-remediation and Detection 360.
What is your experience regarding pricing and costs for Abnormal Security?
I find the pricing to be favorable, but I did not disclose the exact cost.
What needs improvement with Abnormal Security?
Ease of use is important, and Abnormal Security's responsiveness and ability to deliver solutions when issues arise are crucial. However, there is always room for improvement, as achieving a perfec...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
 

Overview

 

Sample Customers

Foot Lcoker, Xerox, Liberty Mutual, Mattel, Boston Scientific
Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Find out what your peers are saying about Abnormal Security vs. Darktrace and other solutions. Updated: December 2025.
881,082 professionals have used our research since 2012.