We performed a comparison between Darktrace and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is outstanding from a monitoring perspective."
"The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"Its AI technology supports cybersecurity by learning my environment and accurately responding to threats."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"Darktrace is extremely stable."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The most valuable feature is the network security module."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"I would like to see some additional enhancements."
"The dashboard and reporting for this solution could be improved as it is currently complex. The GUI for this solution could also be improved."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"The main portal needs improvement as it is difficult to use."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"It is an expensive solution."
"It is not a very secure product."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"We'd like the potential for better scaling."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
More Trellix Network Detection and Response Pricing and Cost Advice →
Darktrace is ranked 1st in Network Detection and Response (NDR) with 66 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 37 reviews. Darktrace is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Cisco Secure Firewall. See our Darktrace vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.