We performed a comparison between Cisco Secure Cloud Analytics and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cisco Stealthwatch Cloud is scalable because it is on the cloud."
"It tells you if there is any communication going to command and control servers, or if there is any traffic that violates your internal policy, or if any data hoarding is happening where data is being dumped from your machine to outside of the environment. It provides all such meaningful reports to help you understand what's happening."
"The tool's best feature is its ability to monitor network traffic. It will also inform users whether the traffic generated by a network is legitimate. The tool helps to capture and analyze the network traffic."
"Monitoring the traffic, making sure you have the visibility."
"The logs in Cisco Stealthwatch Cloud are very good when doing the API integration in the team. It is able to give you important information for the correlations."
"When it comes to scalability, there's no size limit. It varies based on licenses and requirements."
"The product helps me to see malware."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"Vectra AI generates relevant information."
"Vectra AI is the best. It is a major product in our cybersecurity."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"We particularly like the user experience around the dashboard, which we find to be much more straightforward than the dashboard of some of the competitive products... Vectra is a really easy system to understand and use to prioritize where we need to focus our security resources."
"The product's price is high."
"If we migrate these things to an event or send us an email if there is any critical event, I would like to configure these things on the initial launch. Because if a system is compromised, there will be a lot of data movement from one post to another post to the outside. Then, we should also get an alert on email as well. We have since we have integrated these things. But a direct email for critical alerts should be there. So, I would like to enhance the critical event configuration."
"Cisco Stealthwatch Cloud could improve the graphical user interface. It could be a more user-friendly graphical user interface. so that. Not everybody's a cyber security professional, most of the customers that I deal with are not very skilled. The terms that they use in the solution are quite understandable for a normal CIO."
"The product needs to improve its user-friendliness. It is very tricky and you need to study it before using the standard functionalities."
"When I used to work on it, I just didn't see anything new happening for about a year and a half. Providing newer data and newer reports constantly would help. There should be more classifications and more interesting data."
"The initial setup is a bit complex in terms of deployment and configuration"
"The initial setup of Cisco Stealthwatch Cloud is complex."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"Other alternatives, like Darktrace, have a fancier UI."
"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
Cisco Secure Cloud Analytics is ranked 15th in Intrusion Detection and Prevention Software (IDPS) with 7 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Cisco Secure Cloud Analytics is rated 8.6, while Vectra AI is rated 8.6. The top reviewer of Cisco Secure Cloud Analytics writes " Efficiently generates alerts for suspicious activities and scales easily ". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Cisco Secure Cloud Analytics is most compared with Cisco Secure Network Analytics, Cortex XDR by Palo Alto Networks, Darktrace, CrowdStrike Falcon and Palo Alto Networks Advanced Threat Prevention, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight. See our Cisco Secure Cloud Analytics vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.