We performed a comparison between Darktrace and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"Darktrace is extremely stable."
"It is a very simple product to use."
"The solution is outstanding from a monitoring perspective."
"The active threat dashboard is the most valuable feature of this solution."
"We liked their approach to identifying intrusions or network anomalies using AI."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"It's straightforward in terms of configuration and troubleshooting and log management and monitoring as well. These are the edge points in addition to it being a modular solution where you can capitalize on your current licenses with extra licensing models, which can match the customer's business requirement and it can help the customer to design or to actually plan for their own roadmap."
"The solution's most valuable feature is Splunk queries, which allow us to query the logs and analyze the attack vectors."
"The most valuable feature is the ability to search through a large amount of data."
"The solution is fast, flexible, and easy to use."
"It's easily scalable."
"The most valuable feature is being able to take data and put it into other systems so that we could see the output, and to see where we need to apply our focus."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"It is a solution that helps test and measure customer satisfaction."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"In the next version, I'd like to see penetration testing."
"I think there is some MSSP missing."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."
"I believe their network monitoring device licensing module could use some improvement."
"The module can improve so that every time it's more intelligent."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"If the price was lowered and the setup process was less complex, I would consider rating it higher."
"The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"There are occasional bugs."
"The initial setup was complex because some of the configurations that we required needed customization."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 65 reviews while Splunk User Behavior Analytics is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 18 reviews. Darktrace is rated 8.2, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Claroty Platform, whereas Splunk User Behavior Analytics is most compared with Microsoft Defender for Identity, IBM Security QRadar, Cynet, Exabeam Fusion SIEM and Varonis Datalert. See our Darktrace vs. Splunk User Behavior Analytics report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.