Manager, Information Security at a manufacturing company with 1,001-5,000 employees
A hybrid quality solution for email, network and cloud security
What is our primary use case?
We use the solution for email, network and cloud security.
What is most valuable?
The network security and AR response are the main things.
What needs improvement?
The product is expensive, but it is a very good product. The user interface is also good.
For how long have I used the solution?
I have been using Darktrace for two years.
Buyer's Guide
Darktrace
May 2025

Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
851,604 professionals have used our research since 2012.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability a nine out of ten.
What do I think about the scalability of the solution?
The solution’s scalability is pretty straightforward. We’ve around 3500 users using this solution.
I rate the solution’s scalability an eight out of ten.
How are customer service and support?
I contact technical support on occasion and ask questions, and they are responsive. I can get them on call or email. I’m very happy with the support.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was quick and painless.
What's my experience with pricing, setup cost, and licensing?
The product is very expensive.
What other advice do I have?
The product is expensive, but it is a quality product. If you look apart from the cost, it's a good product followed by very good support. If you're willing to spend the money, it is worth consideration.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Information Security Analyst at INFRATEL CORPORATION ZAMBIA LIMITED
Efficient behaviour analytics features and offers high stability
Pros and Cons
- "One thing I appreciate is Antigena Email, which is for email protection."
- "One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
What is our primary use case?
Our primary use case is incident response.
How has it helped my organization?
One thing I appreciate is Antigena Email, which is for email protection.
What is most valuable?
One of the most valuable features is Behavior analytics.
What needs improvement?
One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent.
For example, if a user is sent an unauthorized file via SMB, Darktrace would only flag that SMB traffic occurred between the two users. It wouldn't be able to tell us which file was sent, so we would have to manually investigate the incident to determine what happened.
It would be helpful if Darktrace could flag the specific file that was being transferred in SMB traffic incidents. This would make it much easier to investigate these incidents and take appropriate action.
In future releases, I would like to see more playbooks.
For how long have I used the solution?
I have been using this solution for a year now.
What do I think about the stability of the solution?
I would rate the stability a ten out of ten.
What do I think about the scalability of the solution?
I would rate the scalability an eight out of ten. There are five end users in our analyst team.
How are customer service and support?
The customer service and support are really good. That's one of the things that I've come to appreciate about Darktrace.
Any concern that you give to them, they come on board and arrange a meeting where you could possibly do some practical work with them. They would take on the incident, and they would say, "Okay. Let's set this incident together."
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used Sophos. We chose Darktrace because of its reliability. Unlike other solutions that rely heavily on signature-based logins, Darktrace operates by learning the behavior of individual users. This means that what may seem normal to me could be considered abnormal for someone else, and Darktrace can effectively block such anomalies. This feature has proven to be immensely helpful.
How was the initial setup?
The initial setup is very easy. I would rate my experience with the initial setup a ten out of ten, where one is difficult and ten is easy to set up.
It took around an hour to set up.
What about the implementation team?
The deployment process is pretty self-sufficient. It handles network closure and device discovery.
One person is sufficient for the deployment process.
What's my experience with pricing, setup cost, and licensing?
The solution is quite expensive. I would rate the licensing model an eight out of ten.
What other advice do I have?
I would recommend it based on its excellent behavior analytics and AI implementation.
Overall, I would rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief ICT Officer at Barbados Public Workers Cooperative Credit Union Ltd
Helps us with network traffic visibility
Pros and Cons
- "I am impressed with the product's ability to give insights into network traffic."
- "I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
What is our primary use case?
The tool offers us visibility into network traffic.
How has it helped my organization?
The tool gives us alerts whenever an admin is trying to connect.
What is most valuable?
I am impressed with the product's ability to give insights into network traffic.
What needs improvement?
I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint.
For how long have I used the solution?
I have been using the product since September.
What do I think about the stability of the solution?
The solution is stable.
How was the initial setup?
The tool's deployment is easy.
What's my experience with pricing, setup cost, and licensing?
The tool's pricing is costly.
What other advice do I have?
I would rate the tool a nine out of ten. You need to use the tool on a trial basis so that you can get comfortable with it.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
A stable and reliable cyber-security solution for network and email monitoring
Pros and Cons
- "It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
- "The main portal needs improvement as it is difficult to use."
What is our primary use case?
The solution is a security cover for our on-premises solution to improve our security rating. Also, we want to protect our emails.
How has it helped my organization?
It has helped the organization to detect any malware affecting the machines. For example, if any phishing email creates a factory view bug or some of the workstations have some weird activities, or if someone downloaded malware from the internet, then Darktrace sends us a warning notification to look into the details so that our machine does not get involved with the malware. This function has helped our organization.
What is most valuable?
The network monitoring and the email monitoring features are very valuable for us.
What needs improvement?
The main portal needs improvement as it is difficult to use. But it's straightforward to follow compared to other VPN portals, for example, Azure. You don't have to bug the customer support team quite often.
They can add the EDR and follow-up options in the next release. For instance, if something happens, we get a notification. If a follow-up option is available, we can create a case and then understand how to record the evidence.
For how long have I used the solution?
I have been using Darktrace for one year.
What do I think about the stability of the solution?
It is a stable solution. I rate it nine out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. I rate it a nine out of ten. Presently, 150 users are using the solution, and we wish to increase the number of users in the future.
How are customer service and support?
The technical support team is slow, but not that bad. I rate it eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
I do not know much about it, as an engineer from Darktrace did the setup for us.
What about the implementation team?
The engineer from Darktrace set it up about two years ago.
What was our ROI?
There has been a return on investment using the product.
What's my experience with pricing, setup cost, and licensing?
We pay 8,000 a year. The pricing is reasonable.
What other advice do I have?
If any company has enough budget to put another layer between the internet and the on-prem device, they should consider Darktrace.
I rate the product a nine and a half out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at Natica IT Consulting
A user-friendly cyber defense solution with useful dashboards
Pros and Cons
- "I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
- "It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
What is our primary use case?
Our customers use Darktrace to monitor network traffic.
What is most valuable?
I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good.
What needs improvement?
It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper.
What do I think about the stability of the solution?
Darktrace is relatively stable.
What do I think about the scalability of the solution?
Darktrace is scalable. It's very good. We have two big banks in Turkey using this solution.
How was the initial setup?
The initial setup is straightforward. It takes me about half an hour to deploy this solution.
What about the implementation team?
We implement this solution.
What's my experience with pricing, setup cost, and licensing?
Darktrace is expensive. You can pay for the license yearly.
What other advice do I have?
I would recommend this solution to potential users. But the cloud solution is challenging to use in Turkey.
On a scale from one to ten, I would give Darktrace an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Security Architect at Meeza
A stable, scalable, and valuable tool that provides excellent network monitoring
Pros and Cons
- "The solution is outstanding from a monitoring perspective."
- "Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
What is our primary use case?
I work for a Managed Security Service Provider (MSSP), and we provide the solution for our clients to improve their security posture in both IT and OT. The deployments are typically hybrid.
What is most valuable?
The solution is outstanding from a monitoring perspective.
All of the features are valuable and provide excellent capability in the field.
What needs improvement?
Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides.
A relatively new module called Darktrace PREVENT provides digital protection to the company from the internet. However, the protection doesn't extend to the dark web, which limits its depth. PREVENT also offers phishing awareness training in the form of dummy attacks and some penetration testing, but it is very limited from my point of view.
The AI and Darktrace breach model must be enhanced to minimize false positives, as they can give our customers a negative impression of the solution. Some of them come to us and say they aren't getting what they expect from it, especially after a significant investment.
For how long have I used the solution?
I initially used the product in 2016, then returned to it in 2022 and have been using it for about a year. Over the years, the extension to the Darktrace portfolio has been tremendous, and they have made improvements in many areas, including reporting and autonomous response.
What do I think about the stability of the solution?
The stability is very good; I rate the solution eight out of ten here.
What do I think about the scalability of the solution?
The solution is scalable; I rate it eight out of ten for scalability.
How are customer service and support?
Darktrace tech support is helpful, but there is room for improvement, especially around assistance for complex deployments. I rate them seven out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The deployment is straightforward. However, a complex network, such as one in the cloud and a DOCSIS ecosystem, can become extremely difficult. Generally, though, the deployment is straightforward, and in our case, we completed the whole setup in three to four hours.
Specifically, large, complex MPLS networks are exceedingly tricky when deploying Darktrace. We may need more experience or training, but it would be good to see some improvements here.
Our InfoSec team uses the solution, consisting of two to three staff members. Regarding endpoints protected by the product, there were around 400 in my old position and 2000 in my current organization.
What's my experience with pricing, setup cost, and licensing?
I'm unfamiliar with the exact cost, but we have a yearly license and had to pay for Darktrace's services before the deployment. The product is very expensive, so some organizations can't afford to pay the total amount directly, meaning they often seek a partner or pay in installments, which increases the price more.
Darktrace requires direct billing to London, which isn't possible for organizations in Qatar, so they have to go through processes that increase the price even further. If they had an office in Dubai or Qatar, that could solve this payment issue.
What other advice do I have?
I rate the solution eight out of ten and highly recommend it.
From a technological perspective, Darktrace is an excellent company, and the rate at which they improved and continue to improve their product is impressive.
All the data is on the appliance on the customers' premises, and we have to open back doors to the analysts in London to access the devices, who have complete visibility into what's happening on the customer side. This is a significant negative point for Darktrace. They also have complete visibility into our email, which is a privacy concern for us.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Assistant Manager - IT and Innovation at a financial services firm with 51-200 employees
We can integrate it with our firewall to automatically block things
Pros and Cons
- "We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
- "I was under the impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
What is our primary use case?
We use Darktrace to monitor our network and block URLs from certain countries. Darktrace is integrated with our firewall, so the blocking is automatic.
How has it helped my organization?
We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them.
What is most valuable?
Darktrace blocks any new scanning tools that are detected on your system.
What needs improvement?
I was under the impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets.
For how long have I used the solution?
We have used Darktrace for about six months.
What do I think about the stability of the solution?
Darktrace is highly stable. We haven't had any downtime except for a power outage last year.
How are customer service and support?
We reported one case, and Darktrace support responded right away. They assigned us an account executive who contacts us at least once monthly to discuss any outstanding issues.
How was the initial setup?
Setting up Darktrace was pretty straightforward. We had to open the port that is plugged into the switch. The whole process was done in under five minutes. You plug in the device and turn it on.
What was our ROI?
Darktrace has helped us identify gaps in our system.
What's my experience with pricing, setup cost, and licensing?
Darktrace is pricey, but the price is reasonable for what the solution does, and it's comparable to other products.
What other advice do I have?
I rate Darktrace 8.5 out of 10. I recommend doing a proof of concept to see what you're getting. We got good results. During the POC, Darktrace showed us lots of things we didn't know about.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity Manager at DP World Australia (Holding) Pty. Ltd.
Useful AI network threat detection, highly reliable, and helpful support
Pros and Cons
- "The most valuable feature of Darktrace is the AI that detects abnormal network activity."
- "Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration."
What is our primary use case?
Darktrace is used for network security.
The solution can be deployed in the cloud and on-premise.
What is most valuable?
The most valuable feature of Darktrace is the AI that detects abnormal network activity.
What needs improvement?
Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration.
For how long have I used the solution?
I have been using Darktrace for approximately three years.
What do I think about the stability of the solution?
The stability has been good in my usage.
I rate the stability of Darktrace an eight out of ten.
What do I think about the scalability of the solution?
We have several engineers that use Darktrace.
I rate the scalability of Darktrace an eight out of ten.
How are customer service and support?
The support has been good. When we contacted them we received a helpful response.
I rate the support of Darktrace an eight out of ten.
Which solution did I use previously and why did I switch?
We have used many similar solutions before Darktrace. We chose Darktrace because of the AI. We can develop many use cases with the solution.
How was the initial setup?
The initial setup of Darktrace is straightforward. We are using Splunk and the implementation is simple.
What about the implementation team?
We used a third party for parts of the implementation of Darktrace.
What's my experience with pricing, setup cost, and licensing?
There is an annual license to use Darktrace.
What other advice do I have?
One person can handle the maintenance of Darktrace.
I recommend the solution to others.
I rate Darktrace an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
