We just raised a $30M Series A: Read our story
Nathan Williams
Chief Operations & Information Officer at MineWorkers Provident Fund
Real User
Top 20
Delivers as expected, provides good analytics around the real-time monitoring of our network, and has good reporting and reporting period

Pros and Cons

  • "I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
  • "One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."

What is our primary use case?

We have Antigena on the email, and we also use the network monitoring capabilities. We are using the latest version of the Antigena Email and AI analytics platform. 

What is most valuable?

I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities. 

What needs improvement?

One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network.

For how long have I used the solution?

We have been using Darktrace for two years.

How are customer service and technical support?

There were a couple of times when we needed some of the expertise, and the guys were not available at the time when we needed them. Subsequently, they've managed to improve.

What other advice do I have?

In terms of our organization, we are a massive IT organization or financial services company. We've got a very small ITP, but we've got a lot of data. We are not sure about Darktrace in terms of its capacity to deal with huge data, but it is probably too early for me to give some sort of indication of what is not big.

At the moment, they are delivering on the set objective in terms of what I want to achieve as a CIO, and I'm quite happy with some of the deliverables that are coming through at the moment. In terms of what our requirements were and what we expect in terms of what we want them to deliver, they have delivered. Within the next two to three years, I would probably be able to provide a different perspective after we've matured within the Darktrace environment. At the moment, they've delivered the actual scope of work. There is nothing really that they're not delivering on as promised. So, at the moment, I'm quite happy with where we are.

I would rate Darktrace a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
JN
System Architect at a energy/utilities company with 51-200 employees
Real User
Stable with helpful technical support and good network visibility

Pros and Cons

  • "The product offers us a very good user interface and we've found the network visibility to be very good so far."
  • "It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."

What is most valuable?

Overall, I like the system. The product offers us a very good user interface and we've found the network visibility to be very good so far. The solution has one window and shows all networks.

The solution comes in multiple languages, including English and Arab options.

The solution is stable.

We've found that technical support is helpful and available to assist us if we need them.

What needs improvement?

There are some automation capabilities, however, they could be presented better.

The manual is difficult to follow. While it presents some use cases, it's not very clear. There may also be some language barriers, as it's not available in my language.

Some aspects of the initial setup are complex. 

It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not. 

The cost of the solution is quite high.

I'm very interested in ISO 27001 and these processes. I'd like to better understand how it supports this kind of workflow.

For how long have I used the solution?

I haven't used the solution for very long. It may only be about 20 hours or so. It's very, very new. 

What do I think about the stability of the solution?

The solution is mostly stable. I found that, during the POC, sometimes my rights would do off and I would have to reinstate them, however, other than that, it was very stable. The performance was good. 

What do I think about the scalability of the solution?

I've only used the solution for a short amount of time. I can't really speak to the scalability. There were different models that I tried, however, I can't speak about how different models affect the scalability. I've only used it for a very short amount of time.

There are maybe three or four people on the solution, now that we've tested it. 

How are customer service and technical support?

I haven't really interacted so much with technical support, however, there is a person available to us that could help us troubleshoot or answer our questions if we need assistance. 

How was the initial setup?

There are aspects of the initial setup that are not very straightforward. there is some complexity. I needed to keep going back to the manual to check things at certain points. 

What's my experience with pricing, setup cost, and licensing?

We are still currently in the test period. Within the year, we will have to invest in the cost of licensing. We have not done that yet.

The solution itself is quite expensive. 

Which other solutions did I evaluate?

We did look at other solutions, however, I can't speak to which solutions we actually looked at.

What other advice do I have?

We are a partner.

I'm not sure which version of the solution we're using. My understanding is that it is version 5.

I would recommend the solution to others. However, it's important to ensure you use the solution in order to set up your processes correctly and to the benefit of the organization.

So far, I would rate the solution at an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,136 professionals have used our research since 2012.
Cliff Matonda
System Administrator at a non-tech company with 10,001+ employees
Real User
Top 5Leaderboard
Reasonably prices, stable, and straightforward to set up

Pros and Cons

  • "The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
  • "The solution could be easier to use."

What is our primary use case?

We are primarily using the solution for network monitoring as well as cybersecurity.

What is most valuable?

The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us.

The solution is stable.

The product scales well within a network.

The initial setup is pretty simple.

The solution isn't too expensive.

What needs improvement?

The solution could be easier to use.

The user interface is a bit too detailed. They should work to pare it down and simplify it. They seemed to have designed it for an expert user and not a layman. If there are some system administrators who are not experts and they just want to just get sensors reports and escalate, it should be easier for them to do so.

For how long have I used the solution?

I've been using the solution for three years at this point.

What do I think about the stability of the solution?

The solution is very stable. As far as we've been using it, we've not had any major issues. It doesn't crash or freeze. There are no bugs or glitches. It's reliable.

What do I think about the scalability of the solution?

The solution is scalable within the network. If a company needs to expand it, it can do so.

For our particular office, we have around 100 users.

I cannot say if we will increase usage. We have many offices and decisions in relation to usage increases would come from our UK office.

How are customer service and technical support?

Technical support is great. They are very responsive and helpful. We are very satisfied with the level of support they provide to us.

Which solution did I use previously and why did I switch?

We did not previously use a different solution. For cybersecurity, this is our first product. We were using the traditional endpoint protection as well, and we still do. For that, we use Sophos.

How was the initial setup?

The installation was straightforward, from what I understand. I didn't actually handle ht process. That was done by a consultant. 

The deployment was fast. In less than an hour, everything was up and running.

I handle the maintenance myself.

What about the implementation team?

We had a consultant that assisted us with the implementation. They made the process very easy.

What's my experience with pricing, setup cost, and licensing?

We typically do yearly or three-year licensing, however, I can't speak to the exact costs or arrangements.

It's not too expensive. The price is good for what it offers.

What other advice do I have?

We're just a customer and an end-user.

Overall, I'd rate the solution at an eight out of ten. We've mostly been quite happy with the product.

I'd recommend it to other users and organizations.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Guido Pellillo
Head of Cybersecurity Business Unit at S2E
Real User
Top 20
Provides a visual representation of attack history, with a nice GUI, but the analysis could be simplified

Pros and Cons

  • "I find it very good in the way that they show the past events, including the attack history."
  • "It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."

What is our primary use case?

We are a system integrator and we pose solutions, including this one, to our clients.

It is mainly used to reinforce response capabilities with respect to network security.

What is most valuable?

I find it very good in the way that they show the past events, including the attack history. You are able to visualize all of the attack paths and connectivity to see what's happened.

The GUI interface is very good.

They are using the best machine learning and AI at the moment.

What needs improvement?

The need to simplify the analysis from a user perspective. In a few cases, you have to be a specialist in order to understand what's happening. It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening.

For how long have I used the solution?

I was been working with Darktrace for two years.

What do I think about the stability of the solution?

Stability-wise, we have not had any issues and it has been quite good.

What do I think about the scalability of the solution?

We haven't had any trouble with scalability.

How are customer service and technical support?

We have had contact with technical support and help was quite straightforward. Our feedback for them is good.

Which solution did I use previously and why did I switch?

We work with a variety of products in the security space including Darktrace, Splunk, Elastic, and others.

How was the initial setup?

The initial setup is really simple. This product is normally deployed as an on-premises appliance and it normally takes less than one day. It depends on how complex the network is, but it's usually quite simple.

What's my experience with pricing, setup cost, and licensing?

Our customers feel that the price of Darktrace is quite high compared to other solutions. However, I feel that they are one of the top solutions in this space and they want to be paid for that.

What other advice do I have?

They are currently working on improving their interface by including AI to help simplify things, but it does not work on real-time data. Rather, it works on historical events.

This is definitely a product that I can recommend, although I would probably be using it together with a SOC service or somebody else who can manage it properly.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Gerald Segura
Seguridad de la Información at Banco Davivienda (Costa Rica) S.A.
Real User
Top 20
Allows us to monitor our network 24/7 without a lot of analysts

Pros and Cons

  • "The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
  • "I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."

What is our primary use case?

Darktrace is deployed on our LAN, inside the network. No site, no internet, it's just for monitoring the LAN, local access network. It helps us to find a lot of threats inside the network. We are very happy with the solution. You don't need to have a lot of analysts with Darktrace who are making or following the incident. This solution helps you to send the notification and avoid threats.

What is most valuable?

The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7.

What needs improvement?

Firstly, the integration should be improved. 

In terms of what additional features I would like included in the next release of Darktrace, I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there.

For how long have I used the solution?

We have been using Darktrace for three years.

What do I think about the stability of the solution?

In terms of stability, Darktrace is an excellent product.

What do I think about the scalability of the solution?

Darktrace's scalability is very good. We have about 1,200 users on it currently.

How are customer service and technical support?

Their technical support is excellent.

Which solution did I use previously and why did I switch?

We have more than an SOC, a security operation center, so we switched to Darktrace because they use artificial intelligence and they are more sophisticated in preventing threats.

How was the initial setup?

The initial setup is straight forward. Deployment took one day.

What about the implementation team?

We implemented with a consultant. It required two people.

What was our ROI?

Our ROI as a result of Darktrace is excellent. The return of the cost of the solution for preventing threats is very good.

What's my experience with pricing, setup cost, and licensing?

Darktrace is expensive, but its results are invaluable.

What other advice do I have?

Because of all it does, Darktrace is a very good solution, and it doesn't take a lot of time to implement and to get results. You can learn the behavior of the network and take actions, not based in signatures. I think this is very, very good.

On a scale of one to ten, I would give Darktrace a nine.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
JC
Network Security Engineer at a performing arts with 201-500 employees
Real User
Top 5Leaderboard
Antigena feature offers immediate and helpful response

Pros and Cons

  • "I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
  • "The interface is too mathematical and it should be simplified."

What is our primary use case?

Darktrace makes up part of our security solution and it is able to operate without intervention from IT staff.

How has it helped my organization?

You can have a one-person IT team and with Darktrace, you can get notification of potential threats that are incoming or are already happening on the network.

What is most valuable?

I like the Antigena feature in Darktrace, as it offers immediate response and is helpful.

This product collects more data than your traditional type of software, which is useful for us.

What needs improvement?

The interface is too mathematical and it should be simplified. If you are a seasoned user then you would know where to go, but you have to learn it first. The terminologies being used are mostly numbers. In general, it could be more user-friendly. The GUI can be more simplified and the sections on the interface can be better organised. Usability and visibility of features can improve the skills of administrators and the product will be a preferred solution and ratings will increase

For how long have I used the solution?

My experience with Darktrace is short because we are just implementing it now.

What do I think about the stability of the solution?

The stability of Darktrace is fine.

What do I think about the scalability of the solution?

We do not intend to scale. Scalability is more of a contract issue that comes into play if you want to add nodes to the system. We are opting for a specific number of nodes or endpoints, which we would be able to keep for quite a number of years. I don't expect that we will expand that much, so scalability should not be an issue.

How are customer service and technical support?

We have been in contact with technical support using different platforms. We have dealt with them using Microsoft Teams, Zoom, and via email.

How was the initial setup?

The initial setup was quite simple and straightforward, taking about an hour to complete. After that, the port modeling took perhaps an hour or two.

What's my experience with pricing, setup cost, and licensing?

If you consider the features and the cost of market leaders, we are satisfied with the pricing.

What other advice do I have?

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Otniel Agostinho
CTO at CyberSecur, Lda
Real User
Top 20
Get a comprehensive view of your network and whatever is happening inside it in real-time

Pros and Cons

  • "It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
  • "It is a stable solution without downtime."
  • "The pricing model is a little too high and could be more flexible."
  • "The interface and dashboards could be improved for ease-of-use."

What is our primary use case?

The primary use case for Darktrace is for tracking intruders and alerting for network threats.  

What is most valuable?

The most valuable feature in Darktrace is that it gives me a comprehensive, detailed view of my network and whatever is happening inside it. It is a very good tool for me that helps me to remain aware of security vulnerabilities. I know what is happening on my network in real-time and it responds quickly. It is really very useful.  

What needs improvement?

I am just a manager and I do not really have a technical viewpoint. The tool really suits me perfectly for now for all my basic security needs and what I expect it to do. It does not need any major changes right now to do what I need it to do. It is not missing anything.  

If I am thinking about improvement, everything can be improved somewhat. Maybe the interface and dashboards could be better. I would be glad if they could make these easier from the point of view of management. It could save some time.  

The price is also a little high and could be more enticing.  

For how long have I used the solution?

We have been using Darktrace for about two years.  

What do I think about the stability of the solution?

Darktrace is very stable. It provides 99.9% of our security needs and it does not have downtime. It is a very good, stable solution.  

What do I think about the scalability of the solution?

We did not have the opportunity to test the scalability because our organization has not grown much over the period of time that we have been using the product. I think that scalability is built into the product, but for now, we have not experienced how scaling the product works firsthand.  

What's my experience with pricing, setup cost, and licensing?

I am not so satisfied with the pricing model for Darktrace. The price is a little bit high compared to other solutions. The pricing model should be more flexible.  

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate Darktrace as an eight-out-of-ten.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PP
ciso at SDIS49
Real User
Top 5Leaderboard
A clever solution that spots problems that cannot be found by other solutions but it would benefit from having automation

Pros and Cons

  • "The solution is stable. We've never had any problems with it."
  • "The solution would benefit from automation. Currently, you have to know what you are searching for."

What is our primary use case?

Primarily we use the solution to spot problems that cannot be found by other solutions. 

How has it helped my organization?

Darktrace has improved our knowledge of abnormal phenomenen which could have potentially be hazardous for the organization.You have to be vigilant with GDPR compliance rules in Europe 

What is most valuable?

The most valuable aspect of the solution is that you can see all the process mistakes. You can see all the different types of unusualcsituations that you usually don't see in a traffic solution.

What needs improvement?

The solution would benefit from automation. Currently, you have to know what you are searching for.

For how long have I used the solution?

I've been using the solution for one month.

What do I think about the stability of the solution?

The solution is stable. We've never had any problems with it.

What do I think about the scalability of the solution?

The solution is scalable. So far, we have 12 networks done. We have about 500 users on it currently.

How are customer service and technical support?

I haven't had too much interaction with technical support. Technical support was in France but the experts were in England. It's good generally, but we haven't used the solution for too long.

Which solution did I use previously and why did I switch?

We didn't previously use a different solution.

How was the initial setup?

When you have an expert, the initial setup is easy, but if you do it on your own, it could be complex. Deployment takes at least a month.

Which other solutions did I evaluate?

We didn't evaluate another solution. We met the solution's team in Cannes for an IT meeting and decided to pursue discussions with implementation.

What other advice do I have?

We use the on-premises deployment model.

It's a quite clever solution. It has a lot of potential, but I'd advise those considering to hold off implementing the solution until after a newer version is released.

I'd rate the solution seven out of ten. If they added automation and included it in the price, I'd rate it higher.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Darktrace Report and get advice and tips from experienced pros sharing their opinions.