Darktrace Room for Improvement

Director at Baverianvine
It is hard to really address what needs to be improved in the respect that it does everything I would expect of a superior solution. It is simple enough to use because the interface is quite simple, the setup is quick and painless — in only an hour the product is installed. Users can train on the system in less than three hours. When the configuration is complete they will already know what to do and they can just go on and use the product. I think that the price is quite good compared to other, similar products. They already have a plugin that you can use to set up integration with virtually any other product. Maybe it could come with a few more built-in integrations, such as adding ServiceNow. They already have built-in integration with Antigena Cyber AI Response Modules for the clouds and for the network (AWS & Azure), and they did Office 365 (email), and SaaS applications as well. I guess a few more options and opportunities like this built-in would be nice. It is not a big thing.
Data Security Manager at a sports company with 201-500 employees
The product is automated to a certain degree, but I think this could be improved. I'm looking for a way of being able to react to threats that are detected based on risk. Aside from that, there is nothing really that they could improve on, it's a product more suited to organizations with an SOC, security operations center, or a company with an IT team of network security members because it relies on constantly monitoring it to see information based on the risks of events. In our case, we have a small IT team, which means that a large amount of time would have been spent drilling into it. If something did happen on the network, we'd ideally be responding to it reactively instead of proactively. Some of the other products we tested did that so that if something was detected, it would block that device by means of an endpoint, which halts the process and gives you time to check it out. Darktrace would tell you, for example, if there was a ransomware attack, but it wouldn't stop the attack. Other products would identify it as a ransomware attack and stop the network card on the endpoint, giving time to react to the alert, and proceed to cleanse or investigate the machine that's had a problem. That was our issue with Darktrace. The only reason that it looks like we are going down a different route is because of the endpoint protection issue. The product doesn't have an endpoint agent that can react to outcomes or triggers that are set on the device, otherwise, it would be great.
Assistant Manager at a financial services firm with 201-500 employees
Darktrace needs to simplify most of the positive reports. We have to field all the positive reports, false positives, too. Sometimes we need to check false positives manually. We have to filter false positives. After that, we configure it again. Then, we want to analyze these false positives. That's the main thing. If we are assessing features, this should be easier to handle. Darktrace needs to automate the reports of false positives, botnets, and everything. So far, I think the solution is good. Not excellent, good.
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
425,093 professionals have used our research since 2012.
Application & Security Specialist at a financial services firm with 1,001-5,000 employees
This is quite an expensive product so the pricing is something that can be improved.
Tom Gamali
Group CISO/CTO at Gulf Based Private Conglomerate
The product is designed to monitor traffic sent and received via the corporate egress/network points. I would be interested to see further integration or development of a capability to obtain visibility of mobile devices such as laptops and mobiles, which operate outside of the network and may communicate specifically when off the corporate network.
Chief Operating Officer at Winstarbel Communications Limited
The pricing is based on the number of endpoints, so the program is rather expensive. I would like to see something that will fit my clients' budget. That is something they can work on to improve. Secondly, I would like to see my entire network, structurally and architecturally, on a single screen or in one single dashboard. Right now you have to keep going through different clippings to see everything.
Philippe Panardie
Security Officer at SDIS 49
The solution would benefit from automation. Currently, you have to know what you are searching for.
Product Owner - Cyber Security at a healthcare company with 10,001+ employees
Darktrace does not have any capabilities to configure. So I would like to see supervised machines and capabilities in the next version.
CEO at a tech services company with 11-50 employees
Block attack capabilities or integration with other SIEM solutions such as IBM QRadar.