Darktrace Overview

Darktrace is the #1 ranked solution in our list of top Intrusion Detection and Prevention Software. It is most often compared to Cisco Stealthwatch: Darktrace vs Cisco Stealthwatch

What is Darktrace?

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides enterprise-wide cyber defense to over 4,700 organizations, protecting the cloudemailSaaStraditional networksIoT devicesendpoints, and industrial systems.

A self-learning technology, Darktrace AI autonomously detects, investigates, and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss, and supply chain vulnerabilities.

The company has 1,500 employees globally, with headquarters in Cambridge, UK. Every second, Darktrace AI fights back against a cyber-threat, before it can cause damage.

Darktrace Buyer's Guide

Download the Darktrace Buyer's Guide including reviews and more. Updated: May 2021

Darktrace Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol

Darktrace Video

Pricing Advice

What users are saying about Darktrace pricing:
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "It is inexpensive considering what it can do and the competition."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Director Comercial México at Aubay
Reseller
Top 5
A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support

What is our primary use case?

We deployed Darktrace for one of the biggest telecommunications companies in Latin America. It is deployed on-premise, but it is more like a service because we don't care about the appliances. Even though it works with appliances, it is more related to the services to the connections that the solution can handle. Because of that, it is on-premise, but it also has a component with sensors that works for remote instances, almost like a cloud solution. Some of the clients, especially in the security area, think that this appliance will replace a firewall or a prevention system solution, but it… more »

Pros and Cons

  • "It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
  • "It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace."

What other advice do I have?

Over the past years, I have seen some customers say, "No, I have Endpoint protection. I have intrusion prevention. I have a firewall. I don't need anything like that." My advice is that first of all, open your mind to new solutions because this type of solution will catch everything that the rest of the solutions that you have won't catch. That's the first thing. The second thing is that do not limit the work of the people who work with Darktrace by saying that you know your network because we can assure you that you don't know your network and the threats that are inside and outside the…
Director at Baverianvine
Reseller
A great solution for threat detection that intelligently and immediately responds to attacks across your enterprise system

What is our primary use case?

We use it to deploy to enterprise customers to provide them with a complete, reliable and intelligent threat detection and response system.

Pros and Cons

  • "A simple, powerful AI solution that just does all the work for you when you turn it on."
  • "It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."

What other advice do I have?

My advice to people and organizations considering this as a solution is: go buy it. They shouldn't waste their time fussing and looking around at other solutions. It works. I've done administrating for several years, and this is the one solution that works. It complements what you have, whatever that is. It is like a plug-and-play component. There is no solution that does what it does. You even have some excellent systems like Cisco's Stealthwatch — these are just the three packet analysis technologies. Darktrace is actually DPI (Deep Packet Inspection), which in my markets is now called the…
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: May 2021.
479,124 professionals have used our research since 2012.
GP
Data Security Manager at a sports company with 201-500 employees
Real User
Has the ability to see events and have access to exactly what traffic or website a device had tried connecting to

What is our primary use case?

I'm a customer data security manager and we are looking at replacing our current solution, McAfee, with something like Darktrace or CrowdStrike which will provide the same visibility with the endpoint protection aspect.

Pros and Cons

  • "Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
  • "The product doesn't have an endpoint agent that can react to triggers set on the device,"

What other advice do I have?

I would suggest to anyone considering this option to identify if this is going to be a monitoring tool to supplement an existing system or if this is going to be another product in your existing security suite of tools. I would rate this product an eight out of 10.
FH
Founder and Director at a tech services company with 11-50 employees
Real User
Top 20
Good detection capability and reduces our team's effort, but there should be more visibility at the endpoint level and less effort in fine-tuning

What is our primary use case?

I'm currently heading cybersecurity for 1,500 entities. Some of them have deployed Vectra, and some of them have deployed Darktrace. Darktrace has been in the UK market for a while, whereas Vectra is a not-so-old player in the UK market. We are using the latest version of Darktrace but not their latest offering. They are now also providing email security over the Darktrace platform, but we have not been utilizing that. We have been utilizing their network detection and response and some part of automated incident response (IR) capability. We have a hybrid infrastructure. Some centers are… more »

Pros and Cons

  • "In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
  • "In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."

What other advice do I have?

I would rate Darktrace a seven out of ten. It is a good solution, but it requires some improvements.
MP
Senior Security & Infrastructure Architect at a retailer with 10,001+ employees
Real User
Top 20
Built-in AI analytics helps give you total visibility of your architecture assets

What is our primary use case?

I am working with Darktrace in concert with F5, Tufin, and SAP security products.

Pros and Cons

  • "AI analytics are built directly into the product."
  • "It is a very simple product to use."
  • "A reporting portal could be a great addition to help customize reports."

What other advice do I have?

If someone asked me for advice about the product I would definitely highly recommend it to those who need this type of solution. It is really good. It has given us a view of our company and it has actually caught a couple of people that were doing data exfiltration and stealing data from our company. We caught them doing it in the act in live time, which is just incredible. On the scale from one to ten where one is the worst and ten is the best, I would definitely rate this product at the moment as a ten. It is a perfect solution for our needs.
Assistant Manager at a financial services firm with 201-500 employees
Real User
Strong cyber-security solution but it has too many false positives

What is our primary use case?

Generally, we use Darktrace for behavioral analytics. We use it in the inner-network and the outside network for malicious connectivity. Darktrace gives us support with networks. We follow all the notifications and sometimes we block malicious IPs from the firewall.

Pros and Cons

  • "Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
  • "Darktrace needs to automate the reports of false positives, botnets and everything."

What other advice do I have?

Based on our experience with DarkTrace, I would advise that if they are comparing prices, ROI and everything, I think Darktrace is better than FireEye. On a scale of 1 to 10 I can rate it a 6. I give it a 6 because it's been a year learning everything, and technology, attacks and patents are changing everyday.
IV
Application & Security Specialist at a financial services firm with 1,001-5,000 employees
Real User
Easy to use with an intuitive dashboard, powerful AI, and inbuilt data packet analysis

Pros and Cons

  • "The Dynamic Threat Dashboard is very nice, as it lists all of your threats and rates them, and then you can choose whether to investigate further."
  • "This is quite an expensive product so the pricing is something that can be improved."

What other advice do I have?

We're very pleased with Darktrace so it is a bit difficult to pinpoint areas for improvement. It covers all of our needs and from what I can see, it does the basics very well. There are many advanced features, also. This is a solution that I definitely recommend. It offers a proof of value rather than a proof of concept, where they run the tool in your network, let it learn and then catch any vulnerabilities. Then you will actually see the value of the solution, either potentially blocking any exploitive threats or not, but its a really good thing to go through. To do this, I think that you…
Chief Operations & Information Officer at MineWorkers Provident Fund
Real User
Top 10
Delivers as expected, provides good analytics around the real-time monitoring of our network, and has good reporting and reporting period

What is our primary use case?

We have Antigena on the email, and we also use the network monitoring capabilities. We are using the latest version of the Antigena Email and AI analytics platform.

Pros and Cons

  • "I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
  • "One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."

What other advice do I have?

In terms of our organization, we are a massive IT organization or financial services company. We've got a very small ITP, but we've got a lot of data. We are not sure about Darktrace in terms of its capacity to deal with huge data, but it is probably too early for me to give some sort of indication of what is not big. At the moment, they are delivering on the set objective in terms of what I want to achieve as a CIO, and I'm quite happy with some of the deliverables that are coming through at the moment. In terms of what our requirements were and what we expect in terms of what we want them to…
See 14 more Darktrace Reviews