We performed a comparison between Threat Stack Cloud Security Platform and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Darktrace, Vectra AI, Check Point Software Technologies and others in Intrusion Detection and Prevention Software (IDPS)."An important feature of this solution is monitoring. Specifically, container monitoring."
"It is scalable. It deploys easily with curl and yum."
"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal."
"Every other security tool we've looked is good at containers, or at Kubernetes, is good at AWS, or at instance monitoring. But nobody is good at tying all of those things together, and that's really where Threat Stack shines."
"We're using it on container to see when activity involving executables happens, and that's great."
"Technical support is very helpful."
"With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products."
"We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity."
"Some valuable features of Vectra AI are that it is very intuitive and that there are only a small amount of false positives. Therefore, it's an effective solution."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"Vectra AI generates relevant information."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great."
"The compliance and governance need improvement."
"I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."
"It shoots back a lot of alerts."
"The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now..."
"They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter."
"The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead."
"Some features do not work as expected."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"ExtraHop has better features that seem more advantageous when compared to Vectra."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
More Threat Stack Cloud Security Platform Pricing and Cost Advice →
Threat Stack Cloud Security Platform is ranked 27th in Intrusion Detection and Prevention Software (IDPS) while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Threat Stack Cloud Security Platform is rated 8.2, while Vectra AI is rated 8.6. The top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Threat Stack Cloud Security Platform is most compared with AWS GuardDuty, Darktrace, Palo Alto Networks URL Filtering with PAN-DB, Prisma Cloud by Palo Alto Networks and Qualys VMDR, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
CylancePROTECT is AI-powered endpoint protection that will scan your endpoint devices with AI and Machine Learning security. It does not work with traditional signature-based protection and will cover your endpoints against the latest malware and event Potential Unwanted Programs. We are also a Darktrace partner and if interested we can demo both Cyber Security solutions to your company. If you are interested in more information about CylancePROTECT and Darktrace and would like to run a free POC, please contact me at cj@groveis.com.
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.
The most important thing to get traction is your business approach and some kind of openness for 3rd parties. NOBODY needs "fancy Dashboards"!
Most of the known vendors like Darktrace is extremely "sales offensive" and they don't have a clear sales strategy (direct or channel). A free POV (30days) is a common approach to attract new customers, but the outcome is not really important. It says nothing about the PAINS on the customer site.
Know your competitors!!!! There are many AI CyberSec Startups and Technologies - 99% are using "Machine Learning" what needs more time to the realtime reaction in critical phases. Preferred is Deep Learning like DeepInstinct offers.
Pricing Model per IP´s is pretty usual - but you need flexibility.
Thank you I’m not really interested in being sold to. I’m asking about what works, what doesn’t and pricing models. I don’t want any demos.
Thank you for your comments...what if the malware does not present as anomalous?
We are an Endpoint focused firm represented a Pyramid of EP based protection services (email & web filter, coupled with EP protection, cyber insurance and dark web monitoring). Our key AI product offering is Cylance, world class in it's ability to protect you where over 95% of all hacks occur, the End Point. Cylance is typically sold as a manged service due to some of the complexities of tailoring the product to fit your business needs. Typically the service is price per EP, per month.
Thank you, I am familiar with Darktrace and really like the product. I'd like to know your thoughts on additional features and pricing preferences.
In my opinion, the best response always comes from the source. I have many contacts at Darktrace that can precisely answer these and other questions. Please let me know if you would like me to arrange for a scheduled call.