We performed a comparison between Darktrace and Palo Alto Networks Advanced Threat Prevention based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"We liked their approach to identifying intrusions or network anomalies using AI."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
"I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
"It is very stable and easy to use."
"I am impressed with the product's ability to give insights into network traffic."
"The models, triggers, and alerts are customizable."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"I like the solution's interface."
"You can scale the product."
"Most of the features of Palo Alto Threat Prevention are alright. I recommend features like content filtering, IP address, & intelligent firewalls. The reporting feature is very good."
"The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall."
"It is a stable product."
"The stability of Palo Alto Networks Threat Prevention is good."
"The user interface is a bit more professional than some free products."
"Everything has been okay with the solution. We are using all of the features."
"There is a high ratio of false positive information."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"This is quite an expensive product so the pricing is something that can be improved."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems."
"Palo Alto's maintenance needs to be improved."
"Machine learning techniques should continue to expand and detect unknown threats on the fly."
"The initial setup is complex."
"In terms of what needs improvement, the only thing I don't like is the support."
"Generally, to deploy it will take some downtime, about a day."
"I think they can use some improvement on FID."
"The documentation needs to be improved. I need better information about how to configure it and what the best practices are."
Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 66 reviews while Palo Alto Networks Advanced Threat Prevention is ranked 7th in Intrusion Detection and Prevention Software (IDPS) with 24 reviews. Darktrace is rated 8.2, while Palo Alto Networks Advanced Threat Prevention is rated 8.8. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Palo Alto Networks Advanced Threat Prevention writes "A good amount of granularity and advanced URL filtering capabilities". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Palo Alto Networks Advanced Threat Prevention is most compared with Check Point IPS, Fortinet FortiGate IPS, Arista NDR, Trend Micro TippingPoint Threat Protection System and Cisco NGIPS.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.