Darktrace Reviews

Darktrace is a cybersecurity solution that is essentially an AI-driven ecosystem. Call it network monitoring with telemetry SaaS cloud connections.

It provides a comprehensive cybersecurity solution that monitors my cloud accounts as well as my local network. It monitors local network traffic, VPN's and it connects to my firewalls, allowing me to see what's going on in my environment. I have visibility into pretty much everything that's going on now.

The active threat dashboard is the most valuable feature of this solution. 

The licensing model has room for improvement. The license by IP rather than node or device, even if it's a single Mac address. If I have three people who are constantly in three different locations, they want to charge you three licenses. My only criticism of the product is that its licensing model isn't flexible.

I would like to see a Darktrace EDR client, a true EDR client that integrates into it, and not a third-party EDR.

I have been working with Darktrace for six months. 

We are working with the most recent version.

Darktrace is very stable. It's very reliable.

Darktrace is a very scalable solution.

We have 650 users in our organization.

It's extensively used.

I give them five stars from the sale cycle to the support cycle.

I considered other options, but this is the one I chose, because of the flexibility and the ease of use.

The initial set is very simple and intuitive. With the instructions provided, it took about 10 minutes to set up.

It requires no maintenance. It is managed by Darktrace, they push down the updates. I don't have to do anything with it.

I think it's mostly the licensing on the network monitoring piece that I don't like. All of the other modules, such as the licensing modules, are on par. It's one for one.

I evaluated Endpoint protection solutions, such as CrowdStrike Falcon, Darktrace, and SentinelOne. We decided on Darktrace.

I'm a partner with Darktrace.

I would advise them to engage with their sales team and their sales engineering team to make sure they understand the license model.

It's very intuitive. It's a fantastic product, and the only reason they don't get a 10 is because of their licensing. I believe their network monitoring device licensing module could use some improvement.

I would rate Darktrace an eight out of ten.

Normally, when we have a setup, and I log in with any guest, Darktrace blocks us from remotely logging in from within the office network. It ensures that we cannot remote log in anywhere. It is a security system that identifies hacking attempts. Darktrace also integrates with VirusTotal for verification. Additionally, we use the email protection feature.

Darktrace ensures that we do not have breaches on our systems, and it helps improve our security status before breaches can even reach our system.

The investigative part of Darktrace is valuable, especially the automation features. It allows setting up checks and provides guidance on mitigating situations, which is very useful. There are different modules that you can add to the console for protection.

The Darktrace Mobile app needs improvement as it's currently limited in functionality, and the learning AI takes a while to adapt to new devices, flagging new users as threats for up to a month before recognizing them as regular network users.

I have been using Darktrace for almost a year now.

Darktrace is very stable. I can reliably check logs and track what is happening within the system.

The scalability isn't a high priority for us as it mostly deals with system security. It provides necessary features for security enhancement whenever needed.

The support provided by Darktrace is very good. We had issues with Darktrace Mobile, and they assisted us with a solution, even allowing us to test new features.

Positive

I joined the current company after Darktrace was already in use, so I do not have information on previous solutions.

The initial setup can be rated as a seven out of ten because it involves going into the console and ensuring that the network settings are correctly configured.

Two people are enough for deployment, provided they know the network settings and configurations.

By using Darktrace alongside Mimecast, it has helped improve our security posture by preventing breaches before they reach our system.

I do not have any experience regarding the pricing or setup costs as it was managed by the company administration.

I did not have any information on other solutions evaluated prior to Darktrace as they were in use before I joined the company.

Darktrace is a good product to invest in if you can afford it. It provides excellent security features.

I'd rate the solution eight out of ten.

Our primary use case is incident response.

One thing I appreciate is Antigena Email, which is for email protection.

One of the most valuable features is Behavior analytics.

One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent.

For example, if a user is sent an unauthorized file via SMB, Darktrace would only flag that SMB traffic occurred between the two users. It wouldn't be able to tell us which file was sent, so we would have to manually investigate the incident to determine what happened.

It would be helpful if Darktrace could flag the specific file that was being transferred in SMB traffic incidents. This would make it much easier to investigate these incidents and take appropriate action.

In future releases, I would like to see more playbooks.

I have been using this solution for a year now. 

I would rate the stability a ten out of ten. 

I would rate the scalability an eight out of ten. There are five end users in our analyst team. 

The customer service and support are really good. That's one of the things that I've come to appreciate about Darktrace. 

Any concern that you give to them, they come on board and arrange a meeting where you could possibly do some practical work with them. They would take on the incident, and they would say, "Okay. Let's set this incident together."

Positive

We used Sophos. We chose Darktrace because of its reliability. Unlike other solutions that rely heavily on signature-based logins, Darktrace operates by learning the behavior of individual users. This means that what may seem normal to me could be considered abnormal for someone else, and Darktrace can effectively block such anomalies. This feature has proven to be immensely helpful.

The initial setup is very easy. I would rate my experience with the initial setup a ten out of ten, where one is difficult and ten is easy to set up. 

It took around an hour to set up. 

The deployment process is pretty self-sufficient. It handles network closure and device discovery.

One person is sufficient for the deployment process. 

The solution is quite expensive. I would rate the licensing model an eight out of ten. 

I would recommend it based on its excellent behavior analytics and AI implementation.

Overall, I would rate the solution an eight out of ten. 

Our customers use Darktrace to monitor network traffic.

I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good.

It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper. 

Darktrace is relatively stable.

Darktrace is scalable. It's very good. We have two big banks in Turkey using this solution.

The initial setup is straightforward. It takes me about half an hour to deploy this solution.

We implement this solution.

Darktrace is expensive. You can pay for the license yearly.

I would recommend this solution to potential users. But the cloud solution is challenging to use in Turkey.

On a scale from one to ten, I would give Darktrace an eight.

The solution is used as an anti-phishing tool.

The AI-based pattern is the most valuable feature. The AI monitors users' patterns in how they draft and send emails, so if there is a change in the pattern the email is flagged.

There is a high ratio of false positive information. For example, AI capabilities can sometimes make it difficult to distinguish between a legitimate email and a phishing email. This is one of the features that need to be manually sorted out and aligned. We need to improve this feature by putting DNS into the micro.

I have been using the solution for three years.

The solution is stable.

The solution is scalable.

The technical support team is good and they provide support on a priority level.

Positive

The initial setup is easy.

The cost is moderate.

I give the solution an eight out of ten.

Our organization chose Darktrace because of its phishing capabilities.

Darktrace is the best way to secure a gateway and I recommend the solution to others.

We're part of our regional hospital group in Northwestern Ontario. One of our group members was using the DarkTrace product suite. It was brought forward that other hospitals within the group may want to try it. A couple of us did a demo, which basically involved getting the appliance installed in our data center and routing all the traffic through it. 

We basically had the product running for a company, however, it really didn't pop up or offered anything that we were not already aware of. 

It has a very detailed interface - almost too detailed. It was pretty as far as the granularity of what you were getting out of it. 

The solution is very detailed. It has lots of fancy graphics that don't necessarily lead to a good outcome regarding knowing what's going on.

The only problem with these kinds of demos is that unless something actually goes wrong or you have something in the data center already; you don't see any difference. However, no news is good news.

The price point for the product was too high for what our possible use case could be. The demo might have gone more favorably in their direction if something had actually occurred during the demo. However, nothing did, and management decided that it was not worth the very high price.

The interface didn't really give you a whole bunch of insight into actually what was going on.

They did have some AI that they claimed could tell if traffic was malicious or what the intent of the traffic was. We never got to see that actually do anything. They identified some traffic. They said it was malicious. However, it turns out it was a known traffic that we had occurring, and it wasn't malicious. So there were a few missteps that way.

The UI is too dark.

We ultimately didn't find any value in the product.

We did a demo for two or three months. We did not use the solution for a very long time. 

In terms of scalability, you would need a separate device for every location. For our particular hospital, we actually have three or four main facilities, or what we would consider main facilities. You'd actually need to have a physical box for every deployment in order for traffic to be efficiently detected. They did say that we could route the traffic from the site through the box. However, essentially, that would be doubling the traffic load, which didn't really seem like it was a wise decision. As far as scalability, the box that we had was very capable of handling the traffic load that we were producing. I would say we are probably using maybe ten percent of it at the most at peak levels.

We had some interactions with them during setup and during the demo. They were fine.

Neutral

The initial setup depends on the network. We had a mature infrastructure which made it a bit more challenging.

It took us a few hours to set everything up and make sure it was capturing everything it needed to. 

If you had a straightforward Cisco environment where you could easily forward traffic and CDP needed, it would be pretty easy. 

I'd rate the pricing two or three out of ten. It is pretty expensive. For us, it just wasn't worth it. 

We are customers and end-users. 

I'd rate the solution five out of ten. It's an interesting maturing market. They do have potential, however, they do need to work a fair bit on their AI models and their interface.

We have a layered approach to our cyber security. We have unified threat management and use several solutions such as Kaspersky, FortiGate, and Mimecast. However, we felt that we needed something on top of all of these and decided to go with Darktrace. We only have one in-house IT security person and were looking for a solution like Darktrace that was more automated.

I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.

It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time.

We did a proof of concept with Darktrace for a year.

It is a scalable solution.

Darktrace's technical support staff were responsive. We did not have to wait long for feedback on anything.

We were able to deploy it in half a day. One person can handle the maintenance of the solution.

We implemented the solution with the help of Darktrace representatives.

We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once.

Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution.

I would rate Darktrace at nine out of ten. It is a growing product that helps with an ever changing threat landscape. Traditional endpoint antivirus solutions will not be able to keep up.

The solution automatically monitors everything on the network to prevent anti-phishing by monitoring, responding, and restoring the system. It prevents data excavation.

The most valuable feature is that it works autonomously. So you only need to look at the exceptions.

The solution can improve the reporting. Currently, it only runs weekly and the reporting is complex. It is more of a network monitoring system, basically AI.

I have been using the solution for four years.

The solution is stable and solid.

The solution is scalable and designed to be enterprise-wide.

Previously we used Intercept X which is more at the virus level endpoint, but Darktrace is an overall network and phishing solution.

The initial setup did not appear complex.  

The implementation was completed by a vendor technician. The setup was simple and took a couple of hours.

The solution is about $6,000 per quarter.

I give the solution ten out of ten.

Our organization has about 50 nodes and there is no maintenance involved because it is self-maintaining. I recommend the solution, it is better than SIM.