We performed a comparison between Pico Corvil Analytics and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software."We can manage the entire system across the network and troubleshoot the pain points."
"We use the data to analyze how much time we spend within the applications. Then, based on that, we are doing multiple analyses and types of investigations to work on reducing the amount of time spent on the latency, which helps our applications."
"We like the dashboards because they essentially organize all the sessions into one viewpoint."
"The analytics features of Corvil are really good... As long as you know what the field is in the message, you can build your metrics based on that field... It means you can do the analytics that you actually care for. You can customize it..."
"Time-series graphs are very good for performance analysis. We can do comparisons... We can say this is the latency in the last 24 hours, and this was the same 24-hour period a week ago and overlay the two time-series graphs on top of each other, so we can see the difference. That's a really powerful tool for us."
"With the Corvil Stored Data Analyzer module, we can use it for test data or a set of production data to set up the configuration for latency setup, so we can use the fields to correlate messages."
"As part of my role in monitoring multiple client connections, I would use Pico Corvil Analytics to set up alerts for performance issues, such as TCP resends and dropped packets. These alerts would trigger when the volume was low and performance was poor, allowing me to work with our trading partners to find a resolution. I would present them with the statistics I had and together, we would identify the source of the issue. This collaboration resulted in the client often reconfiguring their systems. For example, we may find that a network connection needed to be made. Overall, this proactive approach helped to maintain strong connections with our clients and minimize disruptions to trading revenue."
"We're able to quickly drill down and find answers to events that are happening in real-time, using Corvil's analytics tools. That's the feature which is most in the spotlight..."
"We can use CLI with the UI for configuring the new monitoring system, which is good."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"The solution is currently used as a central threat detection and response system."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"The Wi-Fi side needs improvement."
"Overall, the Corvil device needs a little bit of training for people to handle it. If that could be reduced and made more user-friendly, more intuitive, it would be better."
"While the product is scalable, it's not easy to scale. It needs investment hardware and network bandwidth consideration. It's not something you can just do overnight."
"In terms of performance analysis, if you really want to dig down into the minutiae and get statistics on the important things... that would be the only piece lacking because, in our environment, we have thousands and thousands of symbols. With the architecture that Corvil is built on, it's cumbersome."
"Before I got the Corvil training... one thing that was not very efficient was that every time you had to create a new stream or a new session from within Corvil... you had to tell it what protocol the message is going to come through and how to correlate messages, etc... After I went for the training, they had already added these nice features in the 9.4 version where it could do auto-discovery... Based on the traffic that it has already seen, it could create sessions on the fly."
"For FIX protocol, maybe we could have built-in configurations for signatures and decoders. Also, for certain protocols, which are newer, we would like to just add the signatures within the decoders itself."
"The creation of charts and real-time windows was somewhat cumbersome. The vendor's website had an application called App Agent that required improvement. This API was designed to track message rates between microservers ingested into a microservice memory map. It allowed users to monitor the number of transactions that occurred at specific points within the application, and it was quite impressive. However, it had some limitations, and it mainly served as a tool for basic tracking. The protocols it employed could reveal the type of server-to-server communication and the specific order types, but it was not able to provide a more in-depth analysis of the application. The vendor has the potential to integrate application metrics more extensively into their product suite."
"There is definitely room for improvement in the reporting. We've tried to use the reporting in Corvil but, to me, it feels like a bolt-on, like not a lot of thought has gone into it. The whole interface where you build reports and schedule them is very clunky."
"It's quite difficult to see, sometimes, how hard your Corvil is working. When we had a very busy feed that chucked out a lot of data it wasn't working very well on Corvil. We had to raise a case for it. It turned out to be that, in fact, we were overloading Corvil."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"The rules for threats are not always precise and Vectra AI should improve this."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
Pico Corvil Analytics is ranked 51st in Network Monitoring Software with 9 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Pico Corvil Analytics is rated 9.0, while Vectra AI is rated 8.6. The top reviewer of Pico Corvil Analytics writes "Helpful support agents, beneficial issue detection, and high availability". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Pico Corvil Analytics is most compared with NETSCOUT nGeniusONE, Gigamon Deep Observability Pipeline and ThousandEyes, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.