We performed a comparison between Darktrace and Pico Corvil Analytics based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Since we have started using the solution, there have been fewer compromises."
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"The basic features are okay and I'm satisfied with the Defender."
"There are several features that I consider valuable."
"The initial setup was easy."
"I like its investigation capabilities, as that is what is most important to me. It is fairly simple with a user-friendly interface."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"It's a very stable product."
"The NDR is good in their solution and they have NTG for email."
"Darktrace is extremely stable."
"t was pretty as far as the granularity of what you were getting out of it."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"The analytics features of Corvil are really good... As long as you know what the field is in the message, you can build your metrics based on that field... It means you can do the analytics that you actually care for. You can customize it..."
"It has all the decoders so it's capturing every network packet and it's decoding in real-time and it's giving us latency information in real-time... It's the real-time decoding and getting the latency information statistics that we find the most useful."
"The performance metrics are pretty good. We've got everything from the network layer to the actual application layer. We can see what's going on with things like sending time and batching."
"We can use CLI with the UI for configuring the new monitoring system, which is good."
"Time-series graphs are very good for performance analysis. We can do comparisons... We can say this is the latency in the last 24 hours, and this was the same 24-hour period a week ago and overlay the two time-series graphs on top of each other, so we can see the difference. That's a really powerful tool for us."
"With the Corvil Stored Data Analyzer module, we can use it for test data or a set of production data to set up the configuration for latency setup, so we can use the fields to correlate messages."
"We're able to quickly drill down and find answers to events that are happening in real-time, using Corvil's analytics tools. That's the feature which is most in the spotlight..."
"As part of my role in monitoring multiple client connections, I would use Pico Corvil Analytics to set up alerts for performance issues, such as TCP resends and dropped packets. These alerts would trigger when the volume was low and performance was poor, allowing me to work with our trading partners to find a resolution. I would present them with the statistics I had and together, we would identify the source of the issue. This collaboration resulted in the client often reconfiguring their systems. For example, we may find that a network connection needed to be made. Overall, this proactive approach helped to maintain strong connections with our clients and minimize disruptions to trading revenue."
"One area for improvement is support, in terms of being able to reach them and, especially, technical support for configuration."
"The company should focus on adding threats that the solution is currently unable to detect."
"The custom alerts have to improve a lot."
"The phishing and spam filters could use some improvement."
"In some situations, it has not been able to pick impersonated emails having no attachments. Technical support definitely has a scope for improvement."
"I'd like some additional features any product can give me to protect our environment in a better way."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"You should be able to deploy Defender for every subscription without the need to add servers."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"I would like to see some additional enhancements."
"The price point for the product was too high for what our possible use case could be."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"The interface and dashboards could be improved for ease-of-use."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration."
"The analytics feature is very nice, but it's mostly software. We are hoping that it could be embedded in ASICs, so it could be faster."
"There is definitely room for improvement in the reporting. We've tried to use the reporting in Corvil but, to me, it feels like a bolt-on, like not a lot of thought has gone into it. The whole interface where you build reports and schedule them is very clunky."
"Overall, the Corvil device needs a little bit of training for people to handle it. If that could be reduced and made more user-friendly, more intuitive, it would be better."
"It's quite difficult to see, sometimes, how hard your Corvil is working. When we had a very busy feed that chucked out a lot of data it wasn't working very well on Corvil. We had to raise a case for it. It turned out to be that, in fact, we were overloading Corvil."
"In terms of performance analysis, if you really want to dig down into the minutiae and get statistics on the important things... that would be the only piece lacking because, in our environment, we have thousands and thousands of symbols. With the architecture that Corvil is built on, it's cumbersome."
"Alerting isn't great... you can only put in one email address in. And that's for all kinds of alerting on the box."
"The creation of charts and real-time windows was somewhat cumbersome. The vendor's website had an application called App Agent that required improvement. This API was designed to track message rates between microservers ingested into a microservice memory map. It allowed users to monitor the number of transactions that occurred at specific points within the application, and it was quite impressive. However, it had some limitations, and it mainly served as a tool for basic tracking. The protocols it employed could reveal the type of server-to-server communication and the specific order types, but it was not able to provide a more in-depth analysis of the application. The vendor has the potential to integrate application metrics more extensively into their product suite."
"Before I got the Corvil training... one thing that was not very efficient was that every time you had to create a new stream or a new session from within Corvil... you had to tell it what protocol the message is going to come through and how to correlate messages, etc... After I went for the training, they had already added these nice features in the 9.4 version where it could do auto-discovery... Based on the traffic that it has already seen, it could create sessions on the fly."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 13th in Email Security with 65 reviews while Pico Corvil Analytics is ranked 51st in Network Monitoring Software with 9 reviews. Darktrace is rated 8.2, while Pico Corvil Analytics is rated 9.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Pico Corvil Analytics writes "Helpful support agents, beneficial issue detection, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas Pico Corvil Analytics is most compared with NETSCOUT nGeniusONE, Gigamon Deep Observability Pipeline and ThousandEyes.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.