We performed a comparison between Corelight and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's an easy way for us to get visibility in a client's environment."
"It's easy to create additional dashboards specific to supporting specific tasks."
"Corelight is easy to use."
"The most valuable feature is the embedded IDS from Suricata."
"It is easy to deploy and easy to handle."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"One thing I appreciate is Antigena Email, which is for email protection."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"What I like about Darktrace, is that you can quickly identify threats."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"Machine learning could be a good improvement, but it's very costly."
"Corelight hasn’t added features in a long time."
"In the next release, building a graphical user interface would be helpful."
"The solution’s architecture is complex and difficult to understand. There are multiple machines and VMs."
"They can enhance the interface of the product. They can make it more interactive and also easier to use for feature access."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"Darktrace could improve by being more user-friendly."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"Getting logs from different sources can be a challenge."
"This is quite an expensive product so the pricing is something that can be improved."
"Darktrace requires numerous configurations. It would be beneficial if the configuration could be made simpler."
"Needs to improve its collaboration with local partners."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
Corelight is ranked 7th in Network Traffic Analysis (NTA) with 5 reviews while Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 65 reviews. Corelight is rated 9.0, while Darktrace is rated 8.2. The top reviewer of Corelight writes "An open-source solution that gave us insight into our clients' network traffic flow ". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Corelight is most compared with ExtraHop Reveal(x), Vectra AI, Cisco Secure Network Analytics, Arista NDR and SolarWinds NetFlow Traffic Analyzer, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cybereason Endpoint Detection & Response. See our Corelight vs. Darktrace report.
See our list of best Network Traffic Analysis (NTA) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.