We compared Abnormal Security and Darktrace based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparison between Abnormal Security and Darktrace, Abnormal Security offers easy setup and seamless integration with Office 365, whereas Darktrace's setup can be difficult and time-consuming. Abnormal Security specializes in catching spear phishing attacks and has AI-based spam filtering, while Darktrace focuses on detecting threats and vulnerabilities using AI-driven capabilities. Abnormal Security could improve by addressing email slip-through and finding more partnerships, whereas Darktrace could enhance its false positive reduction and simplify configuration. Pricing-wise, Abnormal Security has fair prices and excellent customer support, while Darktrace's pricing and licensing model could be more flexible and support could be improved in certain areas.
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"Since we have started using the solution, there have been fewer compromises."
"Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications."
"The basic features are okay and I'm satisfied with the Defender."
"The solution is very easy to use. All you have to do is to assign the license to the end-user and it's done. The customer will only have the feature activated, and the solution will monitor the emails to determine if they are a threat or not."
"Defender enables us to secure all 365-related activity from a single place. It gives us visibility into everything happening in Outlook, protecting us against phishing and other email-based threats. Defender helps us detect any suspicious behaviors."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"I have never encountered any stability issues with Abnormal."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"The solution can scale."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"The active threat dashboard is the most valuable feature of this solution."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"Its AI technology supports cybersecurity by learning my environment and accurately responding to threats."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"There is room for improvement in terms of reporting."
"Several simulation options are available within 365, and the phishing simulation could be better."
"The XDR dashboard has room for improvement."
"I'd like some additional features any product can give me to protect our environment in a better way."
"The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"Microsoft should provide more documentation for users so they can self-educate. I would like to see more documentation for advanced security features."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"One feature I'd love to see is outbound scanning."
"The pricing for academic institutions and student mailboxes is challenging."
"I would like to have the ability to customize the auto-remediation feature."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"The biggest pain point for us is the lack of support for on-premise email systems."
"We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."
"In the next version, I'd like to see penetration testing."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"A reporting portal could be a great addition to help customize reports."
"I'd love them to see maybe covering the cloud a bit more."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Abnormal Security is ranked 12th in Email Security with 8 reviews while Darktrace is ranked 11th in Email Security with 66 reviews. Abnormal Security is rated 9.6, while Darktrace is rated 8.2. The top reviewer of Abnormal Security writes "Provides comprehensive email security management, effective in detecting a wide range of email threats". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Abnormal Security is most compared with Mimecast Email Security, Egress Intelligent Email Security, Cloudflare Area 1 Email Security, Avanan and Fortinet FortiMail, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Abnormal Security vs. Darktrace report.
See our list of best Email Security vendors.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.