I use it for my business. Within our organization, there are around 500 people using this solution. We want to continue using Darktrace but it's very expensive.
IT Technician at a tech services company with 51-200 employees
Effectively stops cyber-attacks from spreading
Pros and Cons
- "Darktrace is very flexible."
What is our primary use case?
What is most valuable?
Darktrace is very flexible.
For how long have I used the solution?
I have been using this solution for a couple of weeks.
What do I think about the scalability of the solution?
This solution is both scalable and stable.
Buyer's Guide
Darktrace
January 2026
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
881,114 professionals have used our research since 2012.
How are customer service and support?
The technical support is very good.
Which solution did I use previously and why did I switch?
We used Stealthwatch and Proofpoint.
How was the initial setup?
The initial setup was quite straightforward. Deployment takes roughly 45 minutes to one hour.
What about the implementation team?
We used an integrator.
What's my experience with pricing, setup cost, and licensing?
This solution is expensive.
What other advice do I have?
I would absolutely recommend using Darktrace. Overall, on a scale from one to ten, I would give this solution a rating of eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Chief Operations & Information Officer at an insurance company with 51-200 employees
Delivers as expected, provides good analytics around the real-time monitoring of our network, and has good reporting and reporting period
Pros and Cons
- "I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
- "One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that I want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today," it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
What is our primary use case?
We have Antigena on the email, and we also use the network monitoring capabilities. We are using the latest version of the Antigena Email and AI analytics platform.
What is most valuable?
I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities.
What needs improvement?
One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that I want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today," it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network.
For how long have I used the solution?
We have been using Darktrace for two years.
How are customer service and technical support?
There were a couple of times when we needed some of the expertise, and the guys were not available at the time when we needed them. Subsequently, they've managed to improve.
What other advice do I have?
In terms of our organization, we are a massive IT organization or financial services company. We've got a very small ITP, but we've got a lot of data. We are not sure about Darktrace in terms of its capacity to deal with huge data, but it is probably too early for me to give some sort of indication of what is not big.
At the moment, they are delivering on the set objective in terms of what I want to achieve as a CIO, and I'm quite happy with some of the deliverables that are coming through at the moment. In terms of what our requirements were and what we expect in terms of what we want them to deliver, they have delivered. Within the next two to three years, I would probably be able to provide a different perspective after we've matured within the Darktrace environment. At the moment, they've delivered the actual scope of work. There is nothing really that they're not delivering on as promised. So, at the moment, I'm quite happy with where we are.
I would rate Darktrace a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Information Security at a tech services company with 51-200 employees
Allows us to monitor our network 24/7 without a lot of analysts
Pros and Cons
- "The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
- "I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve endpoint security, it would give more control there."
What is our primary use case?
Darktrace is deployed on our LAN, inside the network. No site, no internet, it's just for monitoring the LAN, local access network. It helps us to find a lot of threats inside the network. We are very happy with the solution. You don't need to have a lot of analysts with Darktrace who are making or following the incident. This solution helps you to send the notification and avoid threats.
What is most valuable?
The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7.
What needs improvement?
Firstly, the integration should be improved.
In terms of what additional features I would like included in the next release of Darktrace, I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve endpoint security, it would give more control there.
For how long have I used the solution?
We have been using Darktrace for three years.
What do I think about the stability of the solution?
In terms of stability, Darktrace is an excellent product.
What do I think about the scalability of the solution?
Darktrace's scalability is very good. We have about 1,200 users on it currently.
How are customer service and technical support?
Their technical support is excellent.
Which solution did I use previously and why did I switch?
We have more than an SOC, a security operation center, so we switched to Darktrace because they use artificial intelligence and they are more sophisticated in preventing threats.
How was the initial setup?
The initial setup is straightforward. Deployment took one day.
What about the implementation team?
We implemented with a consultant. It required two people.
What was our ROI?
Our ROI as a result of Darktrace is excellent. The return of the cost of the solution for preventing threats is very good.
What's my experience with pricing, setup cost, and licensing?
Darktrace is expensive, but its results are invaluable.
What other advice do I have?
Because of all it does, Darktrace is a very good solution, and it doesn't take a lot of time to implement and to get results. You can learn the behavior of the network and take actions, not based on signatures. I think this is very, very good.
On a scale of one to ten, I would give Darktrace a nine.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Networking & Security Specialist at a tech services company with 51-200 employees
Very stable and easy to use, but needs better threat analyzer and pricing and an option to monitor agents
Pros and Cons
- "It is very stable and easy to use."
- "Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
What is our primary use case?
We are using it for proof of concept purposes. We are using it to monitor all traffic on our network, and it is analyzing the traffic. We have 5,000 users. We are using the latest version.
What is most valuable?
It is very stable and easy to use.
What needs improvement?
Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside.
It should also have a better pricing plan because it is an expensive product.
For how long have I used the solution?
I have been using this solution for a few weeks.
What do I think about the stability of the solution?
It is very stable.
How are customer service and technical support?
Currently, we are working with their pre-sales and technical teams. For POC, there is a dedicated team for us to ask and check what we want, and they have been good. I have not yet contacted their support. When we purchase the solution, we will be directly connected with the support team.
Which solution did I use previously and why did I switch?
We were using Trend Micro's Deep Discovery Inspector.
How was the initial setup?
It was done in less than half an hour.
What about the implementation team?
We are a system integrator. For its deployment, one cybersecurity specialist would be enough.
What's my experience with pricing, setup cost, and licensing?
It is a very expensive product.
Which other solutions did I evaluate?
I am comparing Darktrace with other products like Stealthwatch and Vectra, but for now, I find Darktrace as good.
What other advice do I have?
We have been using it for a few weeks. As of now, we plan to keep using it. I would recommend this solution for big companies.
I would rate Darktrace a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Integrator
Founder and CEO at a tech services company with 51-200 employees
Detects and blocks attacks automatically, and has excellent support
Pros and Cons
- "The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
- "The user interface and the configuration are a bit complex and should be improved or simplified."
What is our primary use case?
We are using this solution for both the detection and elimination of attacks.
What is most valuable?
The most valuable feature of this solution is that it does not require human intervention to eliminate a threat. It blocks everything automatically.
What needs improvement?
The user interface and the configuration are a bit complex and should be improved or simplified.
It's user-friendly, but it could be easier.
The pricing could be better and the scalability should be simplified for the customers.
The integration could be better, as it's not that interactive. They could make it more interactive for the customer's daily use.
For how long have I used the solution?
I have been using Darktrace for three years.
What do I think about the stability of the solution?
It's a very stable solution. We are very satisfied with stability.
What do I think about the scalability of the solution?
It's a scalable solution, but it's not very easy to scale. When using a detection environment, it's not very easy for the customer.
How are customer service and technical support?
Technical support is very good. They are excellent.
Which solution did I use previously and why did I switch?
Previously, we had completed some trials with IronNet.
How was the initial setup?
The initial setup is straightforward.
What's my experience with pricing, setup cost, and licensing?
It could be cheaper.
When it comes to large installations, it can be expensive, but for small accounts it's fine.
What other advice do I have?
We are resellers and integrators of Darktrace.
I would rate Darktrace a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Commercial Director, Mexico at a tech services company with 51-200 employees
A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support
Pros and Cons
- "It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
- "It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."
What is our primary use case?
We deployed Darktrace for one of the biggest telecommunications companies in Latin America. It is deployed on-premise, but it is more like a service because we don't care about the appliances. Even though it works with appliances, it is more related to the services to the connections that the solution can handle. Because of that, it is on-premise, but it also has a component with sensors that works for remote instances, almost like a cloud solution.
Some of the clients, especially in the security area, think that this appliance will replace a firewall or a prevention system solution, but it doesn't replace them. It actually complements them because the firewall decides to allow or deny a connection, and a prevention system is designed to avoid any type of risks to the connection or intrusion on the network. Darktrace allows you to find the unknown threats inside the network and identify them by using some artificial intelligence. It can do all the tracking inside or outside the network.
It is connected directly to the core switch, and in the first stage, it probably takes about a month to learn the behavior of the network and the users. With that, it starts to know what type of information is correct inside the network, and what type of information probably would be a risky connection or risky data moving from one site to another. It then starts doing the alerting. After the first stage or the learning stage is complete, we can find the size of the network. The second stage is the use of a different model inside the solution called Antigena. It works like the antibodies inside our body. Once it detects something that is wrong inside the network, it not only does the alerting but also takes the decision to block that type of connection in order to avoid any information leak or any possible risky connection. If somebody is doing some data mining, it disables connection to the engine that is doing the data mining.
How has it helped my organization?
We have been giving results not only to the security or compliance area inside of a company but also to the legal department. If someone is doing something wrong in terms of compliance, they can directly take action against the person or group doing that.
We also give results to the infrastructure people and the network people. Based on our experience, most of the customers don't really know the size of their network. With this type of solution, we can know the complete network. We can know the real size, and how many resources are connected to the network and the internet. For example, one customer said to us, "I only have 18,000 connections on the network." We did the sizing with 18,000, and when we started the deployment, this customer had one thousand and twenty hundred connections. They didn't realize that until we arrived.
What is most valuable?
It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports.
Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk.
What needs improvement?
It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace.
For how long have I used the solution?
I have been working with Darktrace for at least four years. I recommend and sell it to customers. A long time ago, I used to be a technical guy. Now I am on the sales side. Our technical crew and sales crew are certified for this solution.
What do I think about the stability of the solution?
For the past four years, I have only seen two crashes in two appliances. That was because the customer sent more traffic than what the solution or that specific appliance could handle. It was solved by using another appliance to do the appropriate balancing. The second crash was because it was a human error and somebody by mistake disconnected the cable and connected it to a different interface.
What do I think about the scalability of the solution?
It is very easy to scale. When you need more appliances to support the infrastructure, you can use them as LEGOS. In order to place them, the only thing that you need to have is a rack, and you can start connecting them to the switch, and that's it. Once that you have it on the main console, you just assign the role to every single appliance, and that's it.
We're very focused on big companies, but we also have medium customers. The reason why we don't sell it to the small companies is that this type of solution is very expensive for them to finance. So, probably the assets that they have are very important, but based on the budget that small companies have in Latin America, they cannot afford a solution like this.
How are customer service and technical support?
The support that we have in Latin America is very good. It is a very good company to work with. They have offices here. I would rate them a ten out of ten.
How was the initial setup?
It is very easy. The setup of the solution takes probably half an hour. The only thing that we need to place Darktrace on a customer site is a connection on the core switch with a mirror port. We need to have some space on the rack, and then we connect the appliance to the core switch, and that's it. We go back to the customer a week later to see what Darktrace is catching and start sharing with the customer our discovery inside the network.
The biggest deployment that we have done took about two months, but it was in 26 different sites. The main challenge was the transport. We had to take care of all the logistics to transport all the appliances and find the appropriate time to run all the appliances because most of the customers do not allow to rack them at any time. Therefore, it needs to be done at midnight when almost nobody is using the network. That was our main challenge, but it is very easy to set up.
What's my experience with pricing, setup cost, and licensing?
The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily.
What other advice do I have?
Over the past years, I have seen some customers say, "No, I have Endpoint protection. I have intrusion prevention. I have a firewall. I don't need anything like that." My advice is that first of all, open your mind to new solutions because this type of solution will catch everything that the rest of the solutions that you have won't catch. That's the first thing. The second thing is that do not limit the work of the people who work with Darktrace by saying that you know your network because we can assure you that you don't know your network and the threats that are inside and outside the network and the size of the network.
We always start with Darktrace Enterprise Immune System, which is the first model. The reason for this is that it is easier to adopt the Antigena model at the second stage because the solution by itself needs to learn inside of the network and what is good and what is bad. When we place Antigena, the deployment stages are exactly the same as when you first deploy the Enterprise Immune System in order to let it learn. After the solution starts learning, it will take at least a couple of months or probably three months to deploy Antigena. Therefore, it doesn't make sense to make customers spend more money on a solution in the initial stages and go for a solution that they would not be using initially. This also provides the appropriate sizing of the network. Most of the time, the customer needs to acquire more services from us in order to support all the infrastructure that they have.
I would rate Darktrace a ten out of ten. I am a very happy user and a happy seller of Darktrace.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Head of Cybersecurity Business Unit at a tech services company with 201-500 employees
Provides a visual representation of attack history, with a nice GUI, but the analysis could be simplified
Pros and Cons
- "I find it very good in the way that they show the past events, including the attack history."
- "It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
What is our primary use case?
We are a system integrator and we pose solutions, including this one, to our clients.
It is mainly used to reinforce response capabilities with respect to network security.
What is most valuable?
I find it very good in the way that they show the past events, including the attack history. You are able to visualize all of the attack paths and connectivity to see what's happened.
The GUI interface is very good.
They are using the best machine learning and AI at the moment.
What needs improvement?
The need to simplify the analysis from a user perspective. In a few cases, you have to be a specialist in order to understand what's happening. It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.
For how long have I used the solution?
I have been working with Darktrace for two years.
What do I think about the stability of the solution?
Stability-wise, we have not had any issues and it has been quite good.
What do I think about the scalability of the solution?
We haven't had any trouble with scalability.
How are customer service and technical support?
We have had contact with technical support and help was quite straightforward. Our feedback for them is good.
Which solution did I use previously and why did I switch?
We work with a variety of products in the security space including Darktrace, Splunk, Elastic, and others.
How was the initial setup?
The initial setup is really simple. This product is normally deployed as an on-premises appliance and it normally takes less than one day. It depends on how complex the network is, but it's usually quite simple.
What's my experience with pricing, setup cost, and licensing?
Our customers feel that the price of Darktrace is quite high compared to other solutions. However, I feel that they are one of the top solutions in this space and they want to be paid for that.
What other advice do I have?
They are currently working on improving their interface by including AI to help simplify things, but it does not work on real-time data. Rather, it works on historical events.
This is definitely a product that I can recommend, although I would probably be using it together with a SOC service or somebody else who can manage it properly.
I would rate this solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
RSSI at a government with 1,001-5,000 employees
A clever solution that spots problems that cannot be found by other solutions but it would benefit from having automation
Pros and Cons
- "The solution is stable. We've never had any problems with it."
- "The solution would benefit from automation. Currently, you have to know what you are searching for."
What is our primary use case?
Primarily we use the solution to spot problems that cannot be found by other solutions.
How has it helped my organization?
Darktrace has improved our knowledge of abnormal phenomena which could have potentially been hazardous for the organization. You have to be vigilant with GDPR compliance rules in Europe.
What is most valuable?
The most valuable aspect of the solution is that you can see all the process mistakes. You can see all the different types of unusual situations that you usually don't see in a traffic solution.
What needs improvement?
The solution would benefit from automation. Currently, you have to know what you are searching for.
For how long have I used the solution?
I've been using the solution for one month.
What do I think about the stability of the solution?
The solution is stable. We've never had any problems with it.
What do I think about the scalability of the solution?
The solution is scalable. So far, we have 12 networks done. We have about 500 users on it currently.
How are customer service and technical support?
I haven't had too much interaction with technical support. Technical support was in France but the experts were in England. It's good generally, but we haven't used the solution for too long.
Which solution did I use previously and why did I switch?
We didn't previously use a different solution.
How was the initial setup?
When you have an expert, the initial setup is easy, but if you do it on your own, it could be complex. Deployment takes at least a month.
Which other solutions did I evaluate?
We didn't evaluate another solution. We met the solution's team in Cannes for an IT meeting and decided to pursue discussions with implementation.
What other advice do I have?
We use the on-premises deployment model.
It's a quite clever solution. It has a lot of potential, but I'd advise those considering to hold off implementing the solution until after a newer version is released.
I'd rate the solution seven out of ten. If they added automation and included it in the price, I'd rate it higher.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
A real interesting solution, with tremendous efficiency, especially for special accounts and VIP. The cost is quite a bit expensive.