We just raised a $30M Series A: Read our story

Compare Awake Security Platform vs. Trend Micro Deep Discovery

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Darktrace, Vectra AI, Auvik and others in Network Traffic Analysis (NTA). Updated: November 2021.
554,148 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff.""One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.""One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources.""The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into.""Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day.""The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away.""The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those.""The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."

More Vectra AI Pros »

"It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now.""The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that.""The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'""The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use.""We appreciate the value of the AML (structured query language). We receive security intel feeds for a specific type of malware or ransomware. AML queries looking for the activity is applied in almost real-time. Ultimately, this determines if the activity was not observed on the network.""This solution’s encrypted traffic analysis helps us stay in compliance with government regulations. It is all about understanding data exfiltration, what is ingressing and egressing in our network. One common attack vector is exfiltrating data using encryption. My capabilities to see potential data exfiltration over encrypted traffic is second to none now.""The security knowledge graph has been very helpful in the sense that whenever you try a new security solution, especially one that's in the detection and response market, you're always worried about getting a lot of false positives or getting too many alerts and not being able to pick out the good from the bad or things that are actual security incidents versus normal day to day operations. We've been pleasantly surprised that Awake does a really good job of only alerting about things that we actually want to look into and understand. They do a good job of understanding normal operations out-of-the-box.""This solution help us monitor devices used on our network by insiders, contractors, partners, or suppliers. Its correlation and identification of specific endpoints is very good, especially since we have a large, virtualized environment. It discerns this fairly well. Some of the issues that we have had with other tools is we sometimes are not able to tell the difference between users on some of those virtualized instances."

More Awake Security Platform Pros »

"The most valuable features are the protection and that it is fast.""The HTML file sandboxing is very good.""The product is very easy to install.""The most valuable features are monitoring for advanced persistent threats, the system runs in a sandbox allowing for effective zero-day exploits management, and the Inspector has a built-in sandbox.""I like the sales operations testing. and support."

More Trend Micro Deep Discovery Pros »

Cons
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats.""One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it.""The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit.""If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company.""Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM.""The main improvement I can see would be to integrate with more external solutions.""They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard.""I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."

More Vectra AI Cons »

"While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal.""One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out.""Be prepared to update your SOPs to have your analysts work in another tool separately. There are some limitations in the integrations right now. One of the things that I want from a security standpoint is integration with multiple tools so I don't need to have my analysts logging into each individual tool.""One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far.""They've been focused on really developing their data science, their ability to detect, but over time, they need to be able to tie into other systems because other systems might detect something that they don't.""Awake Security needs to move to a 24/7 support model in the MNDR space. Once they do that, it will make them even better.""I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this.""When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way."

More Awake Security Platform Cons »

"I would like to see integration with third-party tools to improve the visibility of the dashboards.""The stability of the solution could be improved. It should be 100% stable, but it's not there right now.""The solution could be more stable and offer more security.""The solution needs to be able to integrate better with third-party infrastructure.""I would like to see them create a rule where It could integrate with the network and start mitigating with auto-detection."

More Trend Micro Deep Discovery Cons »

Pricing and Cost Advice
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money.""We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy.""The pricing is very good. It's less expensive than many of the tools out there.""We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for.""There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream.""From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country.""The pricing is high.""Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."

More Vectra AI Pricing and Cost Advice »

"Awake's pricing was very competitive. It's not a cheap option though. It's an investment to utilize it, but it's one that we decided was worth the cost, with the managed services. At our scale, it was a much better option to utilize their software and their managed services to handle this, rather than hiring another person to be an analyst. It was quite cost-effective for us.""The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year.""The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at.""We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher.""Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model.""The solution is very good and the pricing is also better than others..."

More Awake Security Platform Pricing and Cost Advice »

"The price of the solution is lower compared to the competition.""Overall, the price is good."

More Trend Micro Deep Discovery Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
554,148 professionals have used our research since 2012.
Questions from the Community
Top Answer: Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a… more »
Top Answer: Cost is a big factor, as always. However, I think we have a very good price–performance ratio.
Top Answer: If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex… more »
Top Answer: The query language that they have is quite valuable, especially because the sensor itself is storing some network… more »
Top Answer: The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other… more »
Top Answer: One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities… more »
Top Answer: The product is very easy to install.
Top Answer: Our department is purely technical department and we are in place for delivering technical aspects. Therefore, I don't… more »
Top Answer: The solution could be more stable and offer more security. When we get suspicious links, we need to make sure they are… more »
Comparisons
Also Known As
Vectra Networks, Vectra AI NDR
Awake
Trend Micro Deep Discovery Inspector, Trend Micro Deep Discovery Analyzer
Learn More
Overview

Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.

Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts.

Deep Discovery is available as a physical or virtual network appliance. It’s designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.

Offer
Learn more about Vectra AI
Identify hidden network threats


Your network may have security risks that you don't know about. Schedule a live demo to see how you can use Awake Security to identify and mitigate these threats.

Learn more about Trend Micro Deep Discovery
Sample Customers
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Coming Soon...
Allied Telesis, Atma Jaya Catholic University of Indonesia, Babou, Blekinge County Council, Delacour, Hiroshima Prefectural Government, Live Nation Entertainment Inc., Mazda Motor Logistics Europe, McGill University Health Centre, Mikuni Corporation, OKWAVE, Sinar Mas Land, SWICA, UTOC Corporation
Top Industries
REVIEWERS
Financial Services Firm19%
Retailer19%
Manufacturing Company13%
Mining And Metals Company13%
VISITORS READING REVIEWS
Comms Service Provider26%
Computer Software Company24%
Government6%
Financial Services Firm6%
REVIEWERS
Insurance Company18%
Pharma/Biotech Company9%
Energy/Utilities Company9%
Computer Software Company9%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider22%
Financial Services Firm5%
Media Company4%
VISITORS READING REVIEWS
Computer Software Company29%
Comms Service Provider26%
Government7%
Financial Services Firm5%
Company Size
REVIEWERS
Small Business18%
Midsize Enterprise6%
Large Enterprise76%
VISITORS READING REVIEWS
Small Business25%
Midsize Enterprise22%
Large Enterprise53%
REVIEWERS
Small Business18%
Midsize Enterprise18%
Large Enterprise64%
VISITORS READING REVIEWS
Small Business22%
Midsize Enterprise47%
Large Enterprise32%
REVIEWERS
Small Business56%
Midsize Enterprise11%
Large Enterprise33%
Find out what your peers are saying about Darktrace, Vectra AI, Auvik and others in Network Traffic Analysis (NTA). Updated: November 2021.
554,148 professionals have used our research since 2012.

Awake Security Platform is ranked 7th in Network Traffic Analysis (NTA) with 8 reviews while Trend Micro Deep Discovery is ranked 9th in Intrusion Detection and Prevention Software (IDPS) with 5 reviews. Awake Security Platform is rated 8.8, while Trend Micro Deep Discovery is rated 8.4. The top reviewer of Awake Security Platform writes "The time from finding threats to remediation is almost instantaneous". On the other hand, the top reviewer of Trend Micro Deep Discovery writes "Good HTML file sandboxing and great technical support, but stability isn't 100%". Awake Security Platform is most compared with Darktrace, Cisco Stealthwatch, ExtraHop Reveal(x), Corelight and Splunk User Behavior Analytics, whereas Trend Micro Deep Discovery is most compared with Darktrace, Trend Micro TippingPoint Threat Protection System, Cisco Stealthwatch, Fortinet FortiGate IPS and ExtraHop Reveal(x).

We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.