We performed a comparison between Aruba IntroSpect and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I haven't heard of any issues with stability."
"The most valuable feature is the end-user monitoring. If there is any abnormal behavior on the machine, the administrator will be alerted."
"Roaming feature, application control and firewall features."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The initial setup was pretty straightforward."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"The packet analyzer needs improvement."
"Technical support is a little slow."
"I would like to see improvements made to the dashboard, where you can get the information with a simple click."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
Aruba IntroSpect is ranked 14th in Network Traffic Analysis (NTA) while Vectra AI is ranked 2nd in Network Traffic Analysis (NTA) with 42 reviews. Aruba IntroSpect is rated 8.6, while Vectra AI is rated 8.6. The top reviewer of Aruba IntroSpect writes "A straightforward setup for technical users and an overall good product". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Aruba IntroSpect is most compared with Arista NDR, Cisco Secure Network Analytics, LogRhythm UEBA and Darktrace, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight. See our Aruba IntroSpect vs. Vectra AI report.
See our list of best Network Traffic Analysis (NTA) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.