We performed a comparison between Corelight and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the embedded IDS from Suricata."
"It is easy to deploy and easy to handle."
"It's easy to create additional dashboards specific to supporting specific tasks."
"It's an easy way for us to get visibility in a client's environment."
"Corelight is easy to use."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"The models, triggers, and alerts are customizable."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The solution is outstanding from a monitoring perspective."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
"Darktrace is extremely stable."
"I find it very good in the way that they show the past events, including the attack history."
"In the next release, building a graphical user interface would be helpful."
"Corelight hasn’t added features in a long time."
"They can enhance the interface of the product. They can make it more interactive and also easier to use for feature access."
"Machine learning could be a good improvement, but it's very costly."
"The solution’s architecture is complex and difficult to understand. There are multiple machines and VMs."
"The main portal needs improvement as it is difficult to use."
"The solution can improve the reporting."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"The pricing model is a little too high and could be more flexible."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"The interface is too mathematical and it should be simplified."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
Corelight is ranked 7th in Network Traffic Analysis (NTA) with 5 reviews while Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 66 reviews. Corelight is rated 9.0, while Darktrace is rated 8.2. The top reviewer of Corelight writes "An open-source solution that gave us insight into our clients' network traffic flow ". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Corelight is most compared with ExtraHop Reveal(x), Vectra AI, Cisco Secure Network Analytics, Arista NDR and SolarWinds NetFlow Traffic Analyzer, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cybereason Endpoint Detection & Response. See our Corelight vs. Darktrace report.
See our list of best Network Traffic Analysis (NTA) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.