Darktrace Reviews

We use Darktrace for standard network security, mail security, and SaaS security.

NTG is now autonomous response.

The management user interface needs improvement. More insights are necessary, and deeper technical experience and knowledge are required to pinpoint actions, breaches, or behavior.

We have been using Darktrace for three years.

I would rate the stability of the solution as nine.

The scalability of Darktrace is very high. I would rate it eight out of ten.

Technical support is rated at nine out of ten.

We used more standard antivirus solutions and firewalling. However, these cannot be compared to an EDR or HDR like Darktrace.

The setup was straightforward and not a problem, even for someone not very technical.

Our service provider did some support there.

The pricing is rated at eight, implying it's considered expensive.

We evaluated other options, but they were more like standard antivirus and firewalling, not comparable to Darktrace.

I recommend Darktrace to others if they can afford it.

I'd rate the solution eight out of ten.

We were testing the solution to see its network detection response capabilities. 

We had an okay experience with the product and didn't really have any issues. 

The Antigena feature is very useful.

It is stable. 

The product can scale. 

Support so far has been helpful and responsive. 

I don't have any specific issues with the solution. We are still in the early phase of analyzing the product.

The cost is a bit on the higher side. We'd like it to be less expensive. 

We were using the solution. In the past month, we stopped using it. We used it for three months.

We're just trying the solution. We had meetings. We were testing it. Nothing is finalized.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

It is scalable. However, it varies on a case-by-case basis. 

We have four people working with the solution in our company right now. They are in the IT department. 

We did speak to technical support and found them to be very helpful and responsive. 

I did not handle the setup process. We had a vendor come in and set it up and handle the whole process. 

The vendor set the solution up with us. 

The cost is a little high.

We've budgeted about 50,000 Kuwaiti dinars for the solution. That is a yearly operating cost.

We're busy with some different projects and we wanted to evaluate different products as well on the same technology. We looked into, for example, Check Point EDR and options like Crowdstrike.

We're a potential end-user. We tested the solution. We just tried different scenarios to see what would suit us. We were testing it and will still go ahead with testing. The testing is not yet complete. We've put it on hold for now; however, we will still continue testing in the coming days.

I'd rate the solution eight out of ten.

I'd advise potential new users that they should definitely give it a try; however, the price is on the higher side. Darktrace has to consider lowering its price.

Our use cases for Darktrace are intrusion detection in the complete network, including for all the devices connected, detection, emails, email spoofing, and supply chain attacks.

The most valuable Darktrace feature is the cloud protection for all the cloud services, OneDrive, and all the things related to that.

Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking.

I have been using Darktrace for about a year now. 

Darktrace is stable. 

Darktrace is scalable.

The initial setup was quite straightforward. It took us between two and six months. We got shipped an appliance and installed it in the data center. It then started collecting data. We had a few reviews of what it was collecting and what it would do. There was a test phase after which we enabled it, part by part, following a series of reviews.

Right now, 350 users are affected by Darkforce in our organization. It exists in the background, so they are not actively using it.

One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself. You need to review what it's doing every now and then. You may, for example, need to release an email that was blocked for some reason, but it's quite low maintenance overall.

You do not need an engineer to manage it. It can be managed by a manager as doing so is not super technical. You always have access to Darktrace support, which means their engineers are available help you with the more complex stuff.

Our deployment was done by Darktrace themselves, but they have some partners that also do it. Once you are up and running, you can deploy any additional appliances by yourself.

This is a difficult question and one that was asked of us by the higher ups, but you have to compare the cost with what would happen if there was a breach. It is difficult to articulate a return on investment in hard numbers, but I can see that Darkforce deflects typical attacks and protects users.

I cannot be completely sure what the license cost but it is on a per-user basis. I handle the technical side, so I do not have insight into how much we are paying for it exactly.

I would surely recommend Darkforce. The price might be quite high, but it is really worth it.

We primarily use the solution for network detection and response.

Antigena is the most valuable due to the reduction in terms of the mean time to respond.

The solution can scale.

It's reliable and stable. 

Technical support is great.

The pricing is good. 

The initial setup is a bit complex. 

It's quite a good product. However, I'd love them to see maybe covering the cloud a bit more. We'd like a cloud version. For example, FortiGate firewalls now have virtual firewalls that you can just install, as well as the cloud. They can drive it with Microsoft, and Microsoft can maybe provide technology that would allow Darktrace to work seamlessly in the cloud. 

I've used the solution for almost two and a half years. 

The solution is stable. It's reliable. 

The solution is very scalable. You can also install it in a Citrix environment very easily.

The whole security team has access to it. That said, I have the most hands on in terms of the product. Five or six people use the solution.

Technical support is great. They come from the UK and they came out to Africa to meet us personally. The engineers are always available. Their resellers are supportive. Even to this day we still run through weekly meetings.

We consume quite a lot of products from Darktrace, so we have a few. We got that Darktrace Network, Antigena, Cloud Sales, and AIS integrations, et cetera.

This is my first time working with an NDR that has AI and machine learning.

From a networking perspective, it is a bit complex since we sort of have to keep an end tab on the network for network log ingestion, flow ingestion, and all of that.

The implementation took about two months or so.

We did the implementation with the help of a technician from Darktrace and a reseller. I'd rate their assistance a ten out of ten. They were great.

The pricing is reasonable. I'm not sure of the exact costs. However, they are not that expensive. We pay annually.

I did not compare the solution to other options, although I did look into Cisco Secure Network Analytics.

I'm an end-user.

It's quite a good tool. They've worked hard to be the top security control in terms of AI and machine learning, and their product works well. Cisco would not match up. Maybe Palo Alto Cortex could do what they do. Cisco is not a security house, even though they have the networking knowledge and all of that. Most of their products are only now catching up to cybersecurity.

I'd rate Darktrace ten out of ten.

Darktrace is used for lateral entry investigations, lateral movement investigations, behavioral anomalies from end users, and endpoint detection.

Darktrace has helped our organization by troubleshooting a few issues that were happening in the environment. It was able to see the traffic between the two network components.

Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies.

I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools.

I have been using Darktrace for approximately two and a have years.

Darktrace is stable. We had it set up to where it was redundant. If one sensor went offline, we had another sensor that was constantly monitoring, and it worked well for us.

The scalability of Darktrace was very good.

We had a license for five users, but we had two that were working on it on a daily basis.

We used Darktrace's technical support to help with the setup and with implementation.

I rate the support from Darktrace a four out of five.

Positive

I did not use a similar solution prior to Darktrace.

The initial setup of Darktrace was straightforward, but we used professional services to do it.

We used professional services for the implementation of Darktrace.

We received a return on investment using Darktrace.

We evaluated other solutions prior to using Darktrace.

My advice to others is they have to understand that the solution is looking for behavioral anomalies, and it is going to take tuning to achieve this. It's not a set-it-and-forget-it solution. You have to monitor, update, and optimize it for your environment.

I rate Darktrace an eight out of ten.

We're using it in a complete security solution yet still within a different product that Darktrace has that's related to the network or email.

The most valuable aspect of the product would be that it's a product that is quite easy to integrate. It's quite easy to start working with it, which is working well. The concept of artificial intelligence that is behind the solution is the most interesting feature for us.

The sense of detection and monitoring and topics within security is good.

It was easy to set up the product.

We have found the product to be stable and issue-free.

It is scalable. 

We need them to ensure they will detect new attacks and pick up anomalies.

We, of course, would love more threat intelligence, and more integration with vulnerability scanners. We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on. 

They're working in different modules that could be related to threat intelligence and to the tech vulnerabilities or functionalities related to EDR.

We've been working with the solution for the last couple of years. 

We've had no issues with stability. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

It is scalable and easily expands. 

The whole of the organization leverages the product, however, I do not have a clear picture of how many people we are working it. That said, we have a company of 2,000.

I've dealt with technical support in the past. I found them to be helpful. 

Positive

We did previously use a different solution. That said, I don't remember what it was called. 

The product is easy to set up.

After deployment, we spent three months, which is the time that this solution needs to learn about what's happening in our network. In one day, once we had defined all the configurations and once they have been seen on the appliance, we were able to start running it.

It's an easy product to maintain. 

We handled the initial setup ourselves. We did not need any outside assistance from integrators or consultants. 

The pricing is okay. I'd rate it seven out of ten in terms of affordability.

You have different modules which you have to pay for. If you want to expand functionality, it ends up costing more. 

Looked at Microsoft, Proofpoint, and Minecraft when we were looking into Darktrace. We decided on this product based on the available features. 

We are using the last version of the solution, although I don't know the exact version number. We plan to upgrade in the next couple of weeks. We might be on version five, with the latest being six.

This is something that is really easy to implement in an organization. It gives us good visibility about what is happening in our networks, and on the system. We like the transparency available within our infrastructure now. We can also personalize it to fit our needs. You can either choose plug and play or you can go deeper. They have artificial intelligence you can start working with. You can define more by leveraging modules. Overall, it's very interesting. 

I'd rate the solution eight out of ten.

We use Darktrace to analyze our network traffic.

Darktrace is a good product, although it depends on how much time you put into it.

The models, triggers, and alerts are customizable.

The initial setup is more complex and time-consuming than some solutions.

I have been working with Darktrace for more than a year.

Darktrace is quite stable, but potentially expensive.

The vendor has different options for scaling. I use the appliance; they also offer a cloud service but I prefer the appliance. I put it between the router and the core switch and it picks up all of the traffic.

The technical support is better than Check Point. They respond more quickly.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace requires a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. In general, it's more sophisticated. As far as getting the settings and the configuration and the models that you want, it would help if you spent some time on that. We're a small team. It's beneficial to me and I can see that with more time and energy put into optimizing it and personalizing the unit, it can be much more powerful than the way I am using it now. That said, it's my secondary device. We're working on a lot of different projects, so I haven't assigned any of my guys to it yet. Ultimately, when it's fully integrated, it may end up being as useful as the Check Point.

The reason I keep all three is that they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike and worked with Symantec.

You have to customize it to the way you want, in order for it to work best for your environment. Definitely take time to train while you can during deployment.

Some things do work well, out of the box. However, this would be better suited for somebody that can take the time to configure it correctly during deployment.

Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

My advice for anybody who is implementing Darktrace is that you definitely need to take your time. Sit down and understand how to use the model breach customization. They use models and if something hits that model, it triggers an alert.

I would rate this solution a six out of ten.

The product is a type of intrusion detection and prevention software. It is for network traffic monitoring.

We are able to detect a lot of things, actually, and see what is happening in our network.

It offers good protection.

The deployment is quick. 

It's good as a solution, however, for me, it's quite complicated. They've got a lot of features there. You need a lot of time to learn it.

It's quite expensive to have.

I've used the solution for around a year.

The core is stable. There are no bugs or glitches and it doesn't crash or freeze. 

It's not high on scalability, in the box itself. You don't need scalability to scale out the server like that. 

There is one that is able to monitor the entire network. Our entire IT department is on the product. We have a three-person technical team. We may expand usage later this year. 

Technical support is quite good. Every quarter, they will contact us for a meeting, however, any issue actually is reported online and their response is quite fast.

The deployment was very fast. They just put the appliance in and connect our call switch and do everything else that is needed. It's all very fast.

We used the SI to help us with the implementation. 

The pricing is expensive. It costs over $100,000 a year. There are no additional costs beyond the price of the license. 

I'm currently exploring other solutions as a comparison. We are looking for Sangfor Cyber Command.

We're a customer and end-user.

It's my understanding that we are on version five.

I'd advise users that it's a good solution, however, they need to be prepared for a large learning curve. 

I'd rate the solution eight out of ten.