We performed a comparison between Darktrace and Cynet based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Cynet comes out ahead of Darktrace. Darktrace is challenging for large networks in terms of deployment and management, and it has a higher subscription-based pricing model.
"It is stable and scalable."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The most valuable feature is the analysis, because of the beta structure."
"This is stable and scalable."
"In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats."
"We are protecting all our workstations."
"The interface is exceptionally clear and easy to understand."
"The most valuable feature of this solution is the network part of it because most of the endpoint products in XDS products we find Cynet has networking user behavior analysis and network analysis, for the whole team."
"The level of automation is very good because the majority of the time, it blocks the attacks without requiring anything from our side. The technicians don't have to do anything. They are just alerted about what happened. So, the user intelligence works quite well."
"Cynet's most valuable features are laptop and server performance, internal network monitoring, and external firewall lock management."
"If some unusual activity happens on the network, such as I open administrator sessions in a short duration of an hour on many computers in the lab, it sends me an alert about my network saying that one user opened three, four, or five sessions in one hour. Similarly, if I try to play with the disk size on a computer, it will send me an alert, and it will also stop the operation."
"I like that it is possible to use the solution to check more information about the users' devices."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"It's a very stable product."
"The solution can scale."
"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"FortiEDR can be improved by providing more detailed reporting."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The dashboard isn't easy to access and manage."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Could have better integration with other security applications."
"Automation could be improved, and orchestration could be added to the features."
"The solution just needs to keep maturing and they need to keep up with the threat landscape to ensure they're protecting clients well as time passes."
"There is room for improvement in terms of support. The support should be faster to respond."
"Most of their times are in Greenwich Mean Time. I would like to see more local time zones."
"A support center in Asia is needed."
"I'd like to see more data loss prevention within the product."
"One thing to note is that I highly recommend adding a deep learning-based prevention environment as an additional layer to Cynet. However, I always advise my customers to start with Cynet or XDR, for example, and then focus on the people, technology, and processes involved. This is the best approach to ensure that you are not breached with ransomware. While Cynet can prevent most attacks, there have been cases where ransomware has been quicker than Cynet's detection capabilities. In these situations, an additional tool is necessary to ensure complete protection, and that is what I sell as well."
"I believe their network monitoring device licensing module could use some improvement."
"Needs to improve its collaboration with local partners."
"The price point for the product was too high for what our possible use case could be."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"The main portal needs improvement as it is difficult to use."
Cynet is ranked 4th in Network Detection and Response (NDR) with 35 reviews while Darktrace is ranked 1st in Network Detection and Response (NDR) with 66 reviews. Cynet is rated 8.8, while Darktrace is rated 8.2. The top reviewer of Cynet writes "Provides memory protection, device control, and vulnerability management". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cynet is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, ESET Endpoint Protection Platform, Microsoft Defender for Endpoint and Check Point Harmony Endpoint, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics. See our Cynet vs. Darktrace report.
See our list of best Network Detection and Response (NDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.