We performed a comparison between Pico Corvil Analytics and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software."We can manage the entire system across the network and troubleshoot the pain points."
"We like the dashboards because they essentially organize all the sessions into one viewpoint."
"We're able to quickly drill down and find answers to events that are happening in real-time, using Corvil's analytics tools. That's the feature which is most in the spotlight..."
"We can use CLI with the UI for configuring the new monitoring system, which is good."
"It allows us to trace the flow. The logic is built sufficiently for us to be able to break down clients' orders, underlying child orders, and execution. Thus, it's a good way for us to trace client flow through a myriad of different internal systems."
"Time-series graphs are very good for performance analysis. We can do comparisons... We can say this is the latency in the last 24 hours, and this was the same 24-hour period a week ago and overlay the two time-series graphs on top of each other, so we can see the difference. That's a really powerful tool for us."
"The performance metrics are pretty good. We've got everything from the network layer to the actual application layer. We can see what's going on with things like sending time and batching."
"What is most valuable is the ability to troubleshoot when a client complains of spikes in latencies. It gives us the ability to go granular, all the way down to looking at the network packets and analyze them."
"With the Corvil Stored Data Analyzer module, we can use it for test data or a set of production data to set up the configuration for latency setup, so we can use the fields to correlate messages."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The Wi-Fi side needs improvement."
"It's quite difficult to see, sometimes, how hard your Corvil is working. When we had a very busy feed that chucked out a lot of data it wasn't working very well on Corvil. We had to raise a case for it. It turned out to be that, in fact, we were overloading Corvil."
"For FIX protocol, maybe we could have built-in configurations for signatures and decoders. Also, for certain protocols, which are newer, we would like to just add the signatures within the decoders itself."
"While the product is scalable, it's not easy to scale. It needs investment hardware and network bandwidth consideration. It's not something you can just do overnight."
"Alerting isn't great... you can only put in one email address in. And that's for all kinds of alerting on the box."
"Before I got the Corvil training... one thing that was not very efficient was that every time you had to create a new stream or a new session from within Corvil... you had to tell it what protocol the message is going to come through and how to correlate messages, etc... After I went for the training, they had already added these nice features in the 9.4 version where it could do auto-discovery... Based on the traffic that it has already seen, it could create sessions on the fly."
"In terms of performance analysis, if you really want to dig down into the minutiae and get statistics on the important things... that would be the only piece lacking because, in our environment, we have thousands and thousands of symbols. With the architecture that Corvil is built on, it's cumbersome."
"I have seen errors where the CNE and the CMC haven't synced because of something missing in the CMC, which was there in the CNE. We would get some type of error, but it doesn't actually say what exactly was missing in the CNE."
"There is definitely room for improvement in the reporting. We've tried to use the reporting in Corvil but, to me, it feels like a bolt-on, like not a lot of thought has gone into it. The whole interface where you build reports and schedule them is very clunky."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"I think Vectra AI's automation, reporting, and integration could be improved."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
Pico Corvil Analytics is ranked 51st in Network Monitoring Software with 9 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Pico Corvil Analytics is rated 9.0, while Vectra AI is rated 8.6. The top reviewer of Pico Corvil Analytics writes "Helpful support agents, beneficial issue detection, and high availability". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Pico Corvil Analytics is most compared with NETSCOUT nGeniusONE, Gigamon Deep Observability Pipeline, ITRS Geneos and ThousandEyes, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.