Head of Security at DFCC
Stable security solution that offers behavioral analytics for the monitoring of traffic
Pros and Cons
- "The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
- "The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved."
- "The dashboard and reporting for this solution could be improved as it is currently complex."
What is our primary use case?
We are a financial Institute and make use of the IDS solution. We have the SIM called QRadar. We analyze all the traffic clouds with Darktrace and SIM.
What is most valuable?
The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic.
What needs improvement?
Sometimes the solution gives some false positives which could be improved. The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved.
For how long have I used the solution?
I have been using this solution for three years.
Buyer's Guide
Darktrace
March 2026
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
884,976 professionals have used our research since 2012.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution.
How are customer service and support?
The technical support is very good, but we would like to get some information from APAC because we are in the APAC region.
Which solution did I use previously and why did I switch?
We considered McAfee and other solutions but based on budget and features, we decided to go with Darktrace.
How was the initial setup?
The initial setup is straightforward and so is the maintenance.
What about the implementation team?
The deployment was done in-house.
What other advice do I have?
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Security Manager at Yarix S.r.l.
Simple to set up with an excellent Enterprise Immune System and Cyber AI Analyst
Pros and Cons
- "The initial setup is simple."
- "The Enterprise Immune System, Cyber Artificial Intelligence Analyst, and Antigena technology are all very useful aspects of the product."
- "There aren't so many third-party vendor platforms natively integrated with the platform."
- "The solution could have better integration capabilities."
What is our primary use case?
We primarily use the solution for network traffic analysis, to identify potential threats running on our customers' ICP environment, and to generate alerts to our SOC.
What is most valuable?
The Enterprise Immune System, Cyber Artificial Intelligence Analyst, and Antigena technology are all very useful aspects of the product.
The solution is quite stable.
The scalability is great.
The initial setup is simple.
What needs improvement?
It can always improve here and there; however, in general, it's already quite complete.
The solution could have better integration capabilities. There aren't so many third-party vendor platforms natively integrated with the platform.
They need a better-automated response setup.
For how long have I used the solution?
I've been using the solution for a few years at this point.
What do I think about the stability of the solution?
The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
I've found the solution's scalability to be very good. It can scale from one endpoint to many thousands of endpoints. We have a lot of implementations that are quite sizable for our customers.
We have 20 to 30 clients on the solution at this time.
How are customer service and support?
Technical support is fine. That said, we are very skilled and therefore we don't require the help of technical support all that often.
How was the initial setup?
We find the implementation process to be quite painless. We only had to identify the right place in which to put the appliances, and then they start learning.
We were able to deploy the same day. It's a pretty fast process.
We have a team dedicated to the delivery that manages Darktrace and other technical solutions and they are in charge of implementation in the customers' ICP environment. More or less, we have more than ten people handling this.
What about the implementation team?
We are capable of handling implementations for our clients.
What's my experience with pricing, setup cost, and licensing?
Our clients pay a yearly licensing fee. I can't speak to the exact costs involved. We have a variety of clients who have licenses with Darktrace.
What other advice do I have?
We are partners of Darktrace.
We utilize both cloud and on-premises deployments.
I would recommend the solution to other companies and clients.
I'd rate the product at a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Infrastructure Sup at Capital Development Services
Provides visibility into our infrastructure and helps in identifying most vulnerable devices
Pros and Cons
- "The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
- "The ability to see what we have not seen before is most valuable."
- "They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
- "They just need to work on their price."
What is our primary use case?
We use it to understand our network and traffic. We are basically getting visibility into our infrastructure.
We are using its latest version. It has both deployments. There is one cloud, and there is one on-prem.
What is most valuable?
The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network.
With Antigena Email, you know from where most of your spam is coming and which country is spamming you a lot.
What needs improvement?
They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity.
For how long have I used the solution?
I have been using it for three months.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is scalable. Currently, we have just two users of this solution, but it covers all the devices that we have.
How are customer service and support?
The customer success manager has been helpful. Their support is pretty good.
Which solution did I use previously and why did I switch?
We used Microsoft.
How was the initial setup?
It was straightforward. The installation took 30 minutes to an hour. We had training before doing the installation.
What about the implementation team?
We used a consultant. We have just two engineers who are doing the deployment and maintenance.
What's my experience with pricing, setup cost, and licensing?
It is pretty expensive, but it is worth it. Its licensing is yearly.
What other advice do I have?
I would recommend it, but you just need to make sure that your organization is big enough. It's not worth it when the organization is small. I would recommend it for organizations with more than 5,000 devices on their network.
I would rate it an eight out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Team Lead Manager with 501-1,000 employees
Gives us visibility of rogue network traffic, prevents data exfiltration, good technical support
Pros and Cons
- "The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
- "Overall, this is a good product that seems to be working well."
- "This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
- "This product needs more in terms of prevention."
What is our primary use case?
We use Darktrace for security, and to give us better visibility.
How has it helped my organization?
If a user is exfiltrating data, normally we don't have the tools to detect it. With Darktrace, it detects this data. Also, if there is any command-and-control then this solution will highlight that.
What is most valuable?
The most valuable feature is that it gives us visibility of rogue traffic that is on the network.
The detection capabilities are good.
What needs improvement?
This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious.
Integration with SOAR systems may be helpful, depending on the SOAR.
What do I think about the stability of the solution?
Stability-wise, Darktrace is very good. It runs in the background 24/7.
What do I think about the scalability of the solution?
The scalability is good because it covers our whole network.
We have 1,000 business and IT users and for our environment, the scalability is very good.
How are customer service and support?
The technical support is good. I would rate them an eight out of ten.
Which solution did I use previously and why did I switch?
We did not use another similar solution prior to Darktrace.
How was the initial setup?
The initial setup was very straightforward. It took approximately two months to complete the implementation and deployment.
What about the implementation team?
We used a consultant to assist us with the implementation.
One person is enough for the deployment and maintenance.
Which other solutions did I evaluate?
There may have been others that we looked at but this is the main one we evaluated.
What other advice do I have?
My advice for anybody who is looking into implementing Darktrace is to do a proof of concept first. Try it out because it's quite useful for providing visibility in the network.
Overall, this is a good product that seems to be working well.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Consultant at a computer software company with 5,001-10,000 employees
Descriptive GUI, stable, and easy to understand for new users
Pros and Cons
- "I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
- "I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive, with a lot of video animations where we can easily see how the data is transferred between various points, and it is also quite easy to understand for a new user."
- "Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
- "Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution."
What is most valuable?
I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user.
What needs improvement?
Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better.
For how long have I used the solution?
It has been close to two months, and I am probably using the latest version.
What do I think about the stability of the solution?
It is definitely stable.
What do I think about the scalability of the solution?
So far, we haven't had any problems. It is definitely scalable.
We don't have more than 12 people who use this solution.
How are customer service and support?
I never had any technical support problems. It is up to the mark.
Which solution did I use previously and why did I switch?
I have worked with Elastic SIEM and QRadar. Elastic SIEM is entirely different, so there is no one-to-one comparison. It is like comparing apples with oranges, but overall, Darktrace is quite interesting. A new user can easily learn it without much help.
How was the initial setup?
I never did any setup. I'm just an end-user.
What other advice do I have?
My advice is to always go for a PoC before implementing Darktrace. That's because Darktrace can get a lot of personally-identified information, which may not be a good thing for some companies. So, before going for this technology, you should do a PoC, and once everything is compliant with the rules and regulations of the company, you can go for it.
I would rate it an eight out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Security Engineer at a real estate/law firm with 1,001-5,000 employees
Provides a higher level of threat detection, detects any type of attack, and very useful for an autonomous response
Pros and Cons
- "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
- "The Antigena feature is most valuable, because once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment."
- "They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
- "They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune."
What is our primary use case?
We use it to protect IoT devices. Darktrace does network traffic analysis. So, by analyzing all traffic patterns in your environment, you can detect any type of anomalous activity, as far as the network is concerned.
I have been using its latest version. Its deployment depends on the environment. It can do sensors in the cloud, and it can also do on-prem.
How has it helped my organization?
It provided a higher level of threat detection.
What is most valuable?
The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response.
What needs improvement?
They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there.
For how long have I used the solution?
I used it for about a year.
What do I think about the stability of the solution?
It is a very stable product. We didn't have any issues.
What do I think about the scalability of the solution?
It has sensors that you can install. So, it can scale on-prem and off-prem in the cloud.
It is being used extensively. We have 2,000 employees. We use it to protect IoT devices. We also use it to protect Windows servers, desktops, and laptops. Its usage would increase if the net grows, but it's probably not going to grow too much bigger than 2,000 employees.
How are customer service and technical support?
The support from Darktrace is very helpful.
Which solution did I use previously and why did I switch?
We didn't use any other solution previously.
How was the initial setup?
It was pretty straightforward. You just monitor everything from your core switch. It monitors everything in and out.
We got it up in half an hour, but it still has to learn. You still have to give it some time to learn about the environment, and that's usually going to be at least two weeks.
What about the implementation team?
We brought in their guy to the site. In terms of maintenance, it is automatically set up to reach out to their website and pull down updates and stuff. We don't have to worry about that too much.
What's my experience with pricing, setup cost, and licensing?
It was $3,600 a month or $2,000 plus or so. I am not sure.
Its licensing is pretty simple.
Which other solutions did I evaluate?
We were thinking about getting another solution called Vector, but we didn't. We brought Darktrace in.
What other advice do I have?
Darktrace is a pretty good company. The only thing that they need to really work on is just being able to get rid of some of those false positives. Once the solution is tuned up, it pretty much just runs.
I would advise making sure that you do a really good PoC of the product so that you can be sure that it makes sense in your environment.
I would rate it a nine out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Advanced Cybersecurity Artificial Intelligence, plenty of features, and impressive threat detection
Pros and Cons
- "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
- "Darktrace played an important role in the security detection strategy by reducing the time lost in detecting, analyzing, and incident resolving."
- "In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
What is our primary use case?
Darktrace is used for cybersecurity. You can buy it as a physical appliance or as a solution as a service on the cloud. I tried the on-premises solution to detect any threat over our network.
How has it helped my organization?
Darktrace played an important role in the security detection strategy by reducing the time lost in detecting, analyzing, and incident resolving. This is due to its friendly user interface that shows you in simple graphs and analytics the output for any log over your network, whether it is a computer, device, switch, access point, etc.
What is most valuable?
I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network.
There is an included library of threat detections, not only locally, but threats being experienced all around the world. It is similar to a database of all the threats and what is done by cybersecurity administrators across the internet. Collecting events and information from all around the world makes Darktrace more proactive in dealing with threat notifications and cybersecurity detection. The service is very comprehensive and can cover all security areas.
It has simple tracking capabilities and a graphical interface that can assist you with coding, you do not need to be a guru. The dashboards are user-friendly and you do not need an application to access your work, it is all done through any browser. Additionally, there is a mobile application that is one of the best features because you can see any threats from your phone. There is a playbook that can give you instructions. For example, if you see your network servers are being injected by ransomware you can stop the session and be notified of which person on what computer triggered the threat.
The solution is very professional. Everybody would like to have an application on their phone to be more proactive about security anywhere and this solution delivers.
What needs improvement?
In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from. Since it is collecting all scenarios that might happen from any threat, new playbooks may be discovered and customers will have the privilege to use them in their environment. Other than that, Darktrace is leading in every aspect.
For how long have I used the solution?
I have been using this solution for one month.
What do I think about the stability of the solution?
Very stable.
What do I think about the scalability of the solution?
We have a number of employees using the solution in my organization which includes administrators and management.
How are customer service and technical support?
Technical support is excellent. You can communicate with them by sending an email, WhatsApp messages, or other types of communication. They have their support in many places around the world, so whatever your time zone is, they are available.
The support you do receive is excellent.
Which solution did I use previously and why did I switch?
I have used other solutions previously, but none had this intelligence.
How was the initial setup?
The installation is very easy. I was shocked by the simplicity of the management, implementation, and dashboards.
What about the implementation team?
I have implemented it using the Darktrace team, who were very professional.
What's my experience with pricing, setup cost, and licensing?
The price of the solution is not cheap. It is not a one-time purchase; there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want. There is some flexibility. For example, if you only want to have email inspections, network inspections, endpoint inspections, or brief analytics of the reports and controls over your infrastructure, you can reduce the prices accordingly. Not choosing all the features can reduce the price. When comparing this solution to competitors in the market it is expensive. However, you are paying for a valuable solution with plenty of features. Their artificial and cyber intelligence is working extremely well. I am a consultant and work with a variety of solutions by myself, attend training, and understand people who are working with these solutions.
I need to know the advantages, disadvantages, weaknesses, and what makes the solution better than the others. Darktrace proves at some point that the value of money you are paying for the solution is reasonable for the advanced technology you are receiving, as it covers many solutions that can cost much, much more than Darktrace, whereas if you bought Darktrace you are reducing all the complexity to one simple solution.
Which other solutions did I evaluate?
I have evaluated many other solutions.
What other advice do I have?
My advice to those wanting to implement this solution is if they want to experience artificial intelligence, advanced cybersecurity, and high-level detection, this solution is the one.
I rate Darktrace a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Administrator at a consumer goods company with 1,001-5,000 employees
Reasonably priced, stable, and straightforward to set up
Pros and Cons
- "The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
- "Technical support is great. They are very responsive and helpful."
- "The solution could be easier to use."
What is our primary use case?
We are primarily using the solution for network monitoring as well as cybersecurity.
What is most valuable?
The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us.
The solution is stable.
The product scales well within a network.
The initial setup is pretty simple.
The solution isn't too expensive.
What needs improvement?
The solution could be easier to use.
The user interface is a bit too detailed. They should work to pare it down and simplify it. They seemed to have designed it for an expert user and not a layman. If there are some system administrators who are not experts and they just want to just get sensors reports and escalate, it should be easier for them to do so.
For how long have I used the solution?
I've been using the solution for three years at this point.
What do I think about the stability of the solution?
The solution is very stable. As far as we've been using it, we've not had any major issues. It doesn't crash or freeze. There are no bugs or glitches. It's reliable.
What do I think about the scalability of the solution?
The solution is scalable within the network. If a company needs to expand it, it can do so.
For our particular office, we have around 100 users.
I cannot say if we will increase usage. We have many offices and decisions in relation to usage increases would come from our UK office.
How are customer service and technical support?
Technical support is great. They are very responsive and helpful. We are very satisfied with the level of support they provide to us.
Which solution did I use previously and why did I switch?
We did not previously use a different solution. For cybersecurity, this is our first product. We were using the traditional endpoint protection as well, and we still do. For that, we use Sophos.
How was the initial setup?
The installation was straightforward, from what I understand. I didn't actually handle the process. That was done by a consultant.
The deployment was fast. In less than an hour, everything was up and running.
I handle the maintenance myself.
What about the implementation team?
We had a consultant that assisted us with the implementation. They made the process very easy.
What's my experience with pricing, setup cost, and licensing?
We typically do yearly or three-year licensing, however, I can't speak to the exact costs or arrangements.
It's not too expensive. The price is good for what it offers.
What other advice do I have?
We're just a customer and an end-user.
Overall, I'd rate the solution at an eight out of ten. We've mostly been quite happy with the product.
I'd recommend it to other users and organizations.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.