Darktrace OverviewUNIXBusinessApplication

Darktrace is the #1 ranked solution in our list of top Intrusion Detection and Prevention Software. It is most often compared to Cisco Stealthwatch: Darktrace vs Cisco Stealthwatch

What is Darktrace?

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides enterprise-wide cyber defense to over 4,700 organizations, protecting the cloudemailSaaStraditional networksIoT devicesendpoints, and industrial systems.

A self-learning technology, Darktrace AI autonomously detects, investigates, and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss, and supply chain vulnerabilities.

The company has 1,500 employees globally, with headquarters in Cambridge, UK. Every second, Darktrace AI fights back against a cyber-threat, before it can cause damage.

Darktrace Buyer's Guide

Download the Darktrace Buyer's Guide including reviews and more. Updated: September 2021

Darktrace Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol

Darktrace Video

Pricing Advice

What users are saying about Darktrace pricing:
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
  • "It was $3,600 a month or $2,000 plus or so. I am not sure. Its licensing is pretty simple."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Victor  Ibanez
Director Comercial México at Aubay
Reseller
Top 10
A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support

What is our primary use case?

We deployed Darktrace for one of the biggest telecommunications companies in Latin America. It is deployed on-premise, but it is more like a service because we don't care about the appliances. Even though it works with appliances, it is more related to the services to the connections that the solution can handle. Because of that, it is on-premise, but it also has a component with sensors that works for remote instances, almost like a cloud solution. Some of the clients, especially in the security area, think that this appliance will replace a firewall or a prevention system solution, but it… more »

Pros and Cons

  • "It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
  • "It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."

What other advice do I have?

Over the past years, I have seen some customers say, "No, I have Endpoint protection. I have intrusion prevention. I have a firewall. I don't need anything like that." My advice is that first of all, open your mind to new solutions because this type of solution will catch everything that the rest of the solutions that you have won't catch. That's the first thing. The second thing is that do not limit the work of the people who work with Darktrace by saying that you know your network because we can assure you that you don't know your network and the threats that are inside and outside the…
Imad Awwad
IT Director at a manufacturing company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Advanced Cybersecurity Artificial Intelligence, plenty of features, and impressive threat detection

What is our primary use case?

Darktrace is used for cybersecurity, you can buy it as a physical appliance or solution as a service on the cloud. I tried the on-premises solution to detect any threat over our network.

Pros and Cons

  • "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
  • "In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."

What other advice do I have?

My advice to those wanting to implement this solution is if they want to experience artificial intelligence, advanced cybersecurity, and high-level detection, this solution is the one. I rate Darktrace a nine out of ten.
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
534,057 professionals have used our research since 2012.
GP
Data Security Manager at a sports company with 201-500 employees
Real User
Has the ability to see events and have access to exactly what traffic or website a device had tried connecting to

What is our primary use case?

I'm a customer data security manager and we are looking at replacing our current solution, McAfee, with something like Darktrace or CrowdStrike which will provide the same visibility with the endpoint protection aspect.

Pros and Cons

  • "Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
  • "The product doesn't have an endpoint agent that can react to triggers set on the device,"

What other advice do I have?

I would suggest to anyone considering this option to identify if this is going to be a monitoring tool to supplement an existing system or if this is going to be another product in your existing security suite of tools. I would rate this product an eight out of 10.
FH
Founder and Director at a tech services company with 11-50 employees
Real User
Top 20
Good detection capability and reduces our team's effort, but there should be more visibility at the endpoint level and less effort in fine-tuning

What is our primary use case?

I'm currently heading cybersecurity for 1,500 entities. Some of them have deployed Vectra, and some of them have deployed Darktrace. Darktrace has been in the UK market for a while, whereas Vectra is a not-so-old player in the UK market. We are using the latest version of Darktrace but not their latest offering. They are now also providing email security over the Darktrace platform, but we have not been utilizing that. We have been utilizing their network detection and response and some part of automated incident response (IR) capability. We have a hybrid infrastructure. Some centers are… more »

Pros and Cons

  • "In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
  • "In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."

What other advice do I have?

I would rate Darktrace a seven out of ten. It is a good solution, but it requires some improvements.
MP
Senior Security & Infrastructure Architect at a retailer with 10,001+ employees
Real User
Built-in AI analytics helps give you total visibility of your architecture assets

What is our primary use case?

I am working with Darktrace in concert with F5, Tufin, and SAP security products.

Pros and Cons

  • "AI analytics are built directly into the product."
  • "It is a very simple product to use."
  • "A reporting portal could be a great addition to help customize reports."

What other advice do I have?

If someone asked me for advice about the product I would definitely highly recommend it to those who need this type of solution. It is really good. It has given us a view of our company and it has actually caught a couple of people that were doing data exfiltration and stealing data from our company. We caught them doing it in the act in live time, which is just incredible. On the scale from one to ten where one is the worst and ten is the best, I would definitely rate this product at the moment as a ten. It is a perfect solution for our needs.
AsankaAbeyrathne
Assistant Manager at a financial services firm with 201-500 employees
Real User
Top 20
Strong cyber-security solution but it has too many false positives

What is our primary use case?

Generally, we use Darktrace for behavioral analytics. We use it in the inner-network and the outside network for malicious connectivity. Darktrace gives us support with networks. We follow all the notifications and sometimes we block malicious IPs from the firewall.

Pros and Cons

  • "Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
  • "Darktrace needs to automate the reports of false positives, botnets and everything."

What other advice do I have?

Based on our experience with DarkTrace, I would advise that if they are comparing prices, ROI and everything, I think Darktrace is better than FireEye. On a scale of 1 to 10 I can rate it a 6. I give it a 6 because it's been a year learning everything, and technology, attacks and patents are changing everyday.
IV
Application & Security Specialist at a financial services firm with 1,001-5,000 employees
Real User
Easy to use with an intuitive dashboard, powerful AI, and inbuilt data packet analysis

Pros and Cons

  • "The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
  • "This is quite an expensive product so the pricing is something that can be improved."

What other advice do I have?

We're very pleased with Darktrace so it is a bit difficult to pinpoint areas for improvement. It covers all of our needs and from what I can see, it does the basics very well. There are many advanced features, also. This is a solution that I definitely recommend. It offers a proof of value rather than a proof of concept, where they run the tool in your network, let it learn and then catch any vulnerabilities. Then you will actually see the value of the solution, either potentially blocking any exploitive threats or not, but its a really good thing to go through. To do this, I think that you…
MT
Security Engineer at a real estate/law firm with 1,001-5,000 employees
Real User
Provides a higher level of threat detection, detects any type of attack, and very useful for an autonomous response

What is our primary use case?

We use it to protect IoT devices. Darktrace does network traffic analysis. So, by analyzing all traffic patterns in your environment, you can detect any type of anomalous activity, as far as the network is concerned. I have been using its latest version. Its deployment depends on the environment. It can do sensors in the cloud, and it can also do on-prem.

Pros and Cons

  • "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
  • "They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."

What other advice do I have?

Darktrace is a pretty good company. The only thing that they need to really work on is just being able to get rid of some of those false positives. Once the solution is tuned up, it pretty much just runs. I would advise making sure that you do a really good PoC of the product so that you can be sure that it makes sense in your environment. I would rate it a nine out of 10.
See 13 more Darktrace Reviews