We performed a comparison between Darktrace and Skybox Security Suite based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Microsoft Defender for Office 365's most valuable feature is its performance."
"The email protection is excellent, especially in terms of anti-phishing policies."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"The product is not resource-intensive."
"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"Darktrace is extremely stable."
"Change Manager is most important because of the impact on each other of a network change or a firewall change. We want to understand this and to know, beforehand, what the impact of a change will be. We are a large network so that is a very important tool."
"We use Network Assurance for network visualisation and troubleshooting."
"Correlates logs and threats and prioritizes; provides network maps;p provides change result context and resulting vulnerability."
"The product's most valuable feature is vulnerability management."
"The revalidation and policy recertifications are most valuable."
"It can be integrated with a vulnerability management solution. When a client comes, apart from pitching network and firewall change management, we are recommending having vulnerability management. So, rather than just having the audit of the firewall, they can integrate it with their vulnerability management solution, which could be Rapid7, Qualys, or any other solution. This provides them the most value out of the platform. That is the way we are approaching our customer base."
"The most valuable features are the rule compliance and the OS vulnerability checks."
"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""
"The UI needs to be more user-friendly."
"The pre-sales cost calculations could be more transparent."
"The XDR dashboard has room for improvement."
"Microsoft Defender for Office 365 should improve the troubleshooting tools. It's unclear whether the device is blocked at the firewall level or at the device itself. The granularity needed for troubleshooting is currently lacking. From my perspective, Microsoft should address this issue to benefit many users who likely share the same sentiment."
"You should be able to deploy Defender for every subscription without the need to add servers."
"Microsoft Defender for Office 365 should be more proactive."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"In the next version, I'd like to see penetration testing."
"There aren't so many third-party vendor platforms natively integrated with the platform."
"The price point for the product was too high for what our possible use case could be."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"Getting logs from different sources can be a challenge."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"There are multiple dashboards but no custom dashboard. It would be good to include a custom dashboard so that we can actually choose which field and what kinds of things we want to look at."
"Modifications and the deletion of existing policies are currently unavailable."
"Skybox should improve their UX features by making them easier to use."
"There is room for improvement in the technical support."
"Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution."
"During implementation, we realised approximately 30 devices were not supported by the Skybox platform."
"The solution needs to add more automation and orchestration capabilities. Those features would make the solution much stronger."
"The Network Assurance, which helps to create the network model, is not so rich."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 12th in Email Security with 66 reviews while Skybox Security Suite is ranked 19th in Vulnerability Management with 34 reviews. Darktrace is rated 8.2, while Skybox Security Suite is rated 7.8. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Skybox Security Suite is most compared with AlgoSec, Tufin Orchestration Suite, FireMon Security Manager, Palo Alto Networks Panorama and RedSeal.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.