We performed a comparison between Trend Micro Deep Discovery and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The platform provides all essential features for discovery and administration."
"The solution has extension-based features that help it to analyze the environment. The environment can have different platforms like Windows, Linux, and Mac. The tool will give a report which can confirm the analysis of the issues. You can also get clear information on threats or suspicious files."
"The performance and stability are great."
"The most valuable feature of Trend Micro Deep Discovery is its complete end-to-end visibility of threats."
"The most valuable feature is that the user can customize images of virtual machines in the sandbox functionality. The other vendors only use images that were created by the vendor but not the customer, end-user or partner. This helps to detect advanced threats and attacks."
"The tool's most valuable feature is its collaboration with other products. Integrating with other security products was simple and easy."
"Generally speaking, it just gives us a broad understanding of exactly what kind of threats occur. The submission point, analyzing point, and virtualization are within the environment that it supports. It helped us to improve our security levels and protect our internal network from any threats outside."
"Trend Micro Deep Discovery is a very specific product for threat intelligence with smart protection."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"The most useful feature is the anomaly detection because it's not signature-based. It picks up the initial part of any attack, like the recon and those aspects of the kill chain, very well."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"The solution is currently used as a central threat detection and response system."
"Vectra AI generates relevant information."
"Some of the end users may not be technically proficient, so they occasionally face problems due to a lack of knowledge."
"I would like to see integration with third-party tools to improve the visibility of the dashboards."
"Trend Micro can improve the pricing in general. There is nothing else they can add or improve in the solution."
"Scalability becomes an issue when managing a higher number of customers."
"I would like the ability to analyze all files in our internal network, at the same time on different operating systems. Not just three of them, but as many as possible."
"The scalability is sometimes limited."
"This solution could be improved with faster technical support and cheaper licensing prices."
"There are certain aspects of flexibility in the policies that should be added to Deep Discovery."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these types of host-driven complex attacks."
"The solution has not reduced the security analyst workload in our organization because we still need a SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"I think Vectra AI's automation, reporting, and integration could be improved."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
Trend Micro Deep Discovery is ranked 6th in Intrusion Detection and Prevention Software (IDPS) with 23 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Trend Micro Deep Discovery is rated 8.4, while Vectra AI is rated 8.6. The top reviewer of Trend Micro Deep Discovery writes "Good threat detection capabilities and offers flexibility for hosting options". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Trend Micro Deep Discovery is most compared with Darktrace, Trend Micro TippingPoint Threat Protection System, Arista NDR, Palo Alto Networks Advanced Threat Prevention and Fortra's Tripwire Enterprise, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Rapid7 InsightIDR.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.