Vectra AI Reviews

Vectra AI is the #3 ranked solution among our top Intrusion Detection and Prevention Software tools. It's rated 4.5 out of 5 stars and is most commonly compared to Darktrace.

Real User
Head of Information Security at an insurance company with 1,001-5,000 employees
Jan 07 2020

What is most valuable?

It gives us the point of where something is happening, which is the key thing for us. (I know that there is a back-end recall, which probably gives a lot more data, but we… more »

How has it helped my organization?

The key improvements for us were: * The additional monitoring 24/7, and using the high-fidelity alerting from Vectra rather than SIEM. This was our biggest change. We have… more »

What needs improvement?

Room for improvement depends on how their strategy and roadmap develops, as they have a lot of third-parties that they integrate with, e.g., more orchestration around what… more »

What's my experience with pricing, setup cost, and licensing?

We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that… more »

Which solution did I use previously and why did I switch?

It isn't a tool set to replace a current tool set. It's just an additional feature. For me, it has only increased our workload, but that's because we had nothing there… more »

What other advice do I have?

People do a lot more than we actually see. Looking at the test and development guys, sometimes they do things that they don't understand. So, they will do it because it… more »

Which other solutions did I evaluate?

When we started off, apart from money, we had to look at behavioral analysis. We weren't sure where we wanted to go with the solution, whether we wanted to look at the… more »
Real User
Global Security Operations Manager at a manufacturing company with 5,001-10,000 employees
Mar 01 2020

What is most valuable?

One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This… more »

How has it helped my organization?

We have a limited use of Vectra Privileged Account Analytics for detecting issues with privileged accounts at the moment. That is primarily due to the fact that our… more »

What needs improvement?

You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it… more »

What's my experience with pricing, setup cost, and licensing?

At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016… more »

Which solution did I use previously and why did I switch?

Previously, we had a general sensor solution taking logs. We didn't have an equivalent detection platform for our network nor did we have a tool capable of providing us… more »

What other advice do I have?

Make sure you have a dedicated resource committed to daily use of the tool. Because the selling point is it frees up your time, reducing the amount of time you need to… more »

Which other solutions did I evaluate?

We did review the marketplace and look around. For example, we looked online at Darktrace, but we didn't run a side by side comparison to see which one would work better… more »
Learn what your peers think about Vectra AI. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
Real User
Sr. Specialist - Enterprise Security at a mining and metals company with 5,001-10,000 employees
Mar 12 2020

What is most valuable?

The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular… more »

How has it helped my organization?

What we have seen over the course of the three to four months it has been in place is that it has not found anything bad. That's good news because nothing specific has happened. But we have identified… more »

What needs improvement?

One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain… more »

What's my experience with pricing, setup cost, and licensing?

We have a one-year subscription that covers support and everything. There is no other overhead.

What other advice do I have?

One thing we have learned using Vectra is that anomaly detection is a critical component of security; a non-signature-based technology is very critical. It helps pick up things that other tools, which… more »

Which other solutions did I evaluate?

We evaluated Darktrace, in addition to Vectra, each in a PoC. We chose Vectra because the things that Vectra picked up were far more useful, and necessary from an enterprise point of view. Darktrace… more »
Real User
Manager, IT Security at an energy/utilities company with 201-500 employees
Jun 11 2020

What is most valuable?

It gives you a risk score of everything that you just found. The quadrant approach is useful because if there are things in the lower-left quadrant, then we don't necessarily need to look at them… more »

How has it helped my organization?

We had a gap where we didn't necessarily have a managed service, which we do today, but at the time we needed something that would help us detect malicious behavior and anomalies within the… more »

What needs improvement?

I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable. I would like to see some… more »

Which solution did I use previously and why did I switch?

A few years ago when we were looking at this, we had a gap in the organization. We didn't have like a managed service offering. We had an on-prem SIEM, but we didn't have a large team so we didn't… more »

What other advice do I have?

There was no complexity with Vectra; it is very simplistic. However, for the tool to be effective, you want to make sure that you place your sensors in appropriate places. Other than that, you let the… more »

Which other solutions did I evaluate?

We looked at NextGen traffic analysis type of solutions, like Darktrace. Then, we looked at Vectra. I found Vectra was a bit more intuitive. I think both products had some really good offerings. What… more »
Real User
Cyber Security Analyst at a financial services firm with 1,001-5,000 employees
Jan 13 2020

What is most valuable?

We mainly use it for the detection types, checking dark IPS or command-and-control traffic. We bought Recall so we can have more information. Recall is an addition onto… more »

How has it helped my organization?

It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things… more »

What needs improvement?

We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they… more »

What's my experience with pricing, setup cost, and licensing?

The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses. There are additional features that can be purchased in… more »

Which solution did I use previously and why did I switch?

We decided that we wanted to have an alert within 30 minutes, which is doable with this solution. It fulfills our needs. However, we didn't have this before, so it has… more »

What other advice do I have?

Start small and simple. Work with the Vectra support team. The solution’s ability to reduce false positives and help us focus on the highest-risk threats is the tricky… more »

Which other solutions did I evaluate?

We investigated Darktrace, Vectra, and Cisco Stealthwatch. Darktrace and Vectra plus Recall were similar in my opinion. Darktrace was a bit more expensive and complex… more »
John Vicencio
Real User
Cyber Specialist, Forensics at Richemont
May 05 2020

What is most valuable?

The most valuable features are Cognito Recall and Cognito Detect. I didn't think Vectra AI actually provided this functionality, but essentially it gives you access, with Recall, to instant visibility into your network through something… more »

How has it helped my organization?

The solution captures network metadata at scale and enriches it with security information. We store metadata for three months. Just to be able to scale the amount of information that we collect on the networks is a problem in itself. We… more »

What needs improvement?

Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team. In my… more »

What other advice do I have?

My advice would be to really utilize the support and collaborate with Vectra. The solution requires heavy usage and customization to your environment. They provide the guidelines and you just have to be able to fill in the specifics. If you… more »

Which other solutions did I evaluate?

We evaluated other options. I wasn't the person who decided on Vectra AI at the time, but we were looking at Darktrace and other machine learning-type solutions. Vectra fit the niche of what we needed, from the perspective of the former… more »
Eric Weakland
Real User
Director, Information Security at American University
Jun 11 2020

What is most valuable?

I find the network artificial intelligence and machine learning to be most valuable because we have also significantly increased the amount of traffic that we inspect. This has kind of lowered the… more »

How has it helped my organization?

The Privileged Account Analytics for detecting issues with privileged accounts is very important because, like any organization, we have people from low-privileged, regular users all the way to… more »

What needs improvement?

Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated. I think the company has been very responsive, willing to… more »

Which solution did I use previously and why did I switch?

We switched from an open source solution to Cognito because there was a lower operational maintenance burden and it provided more visibility into our environment. It also has more analysis and initial… more »

What other advice do I have?

We don't have that big of a cloud presence yet. However, the solution would correlate behaviors in our enterprise network and data centers with behaviors we see in our cloud environment because part… more »

Which other solutions did I evaluate?

We looked at some of Vectra's competitors. We had Snort and also used Bro. We also used Argus and NetFlow collector. Therefore, we looked at what were the products out there that could sort of… more »
Headofinfosec82347
Real User
Head of Information Security at a retailer with 1,001-5,000 employees
Jul 28 2020

What is most valuable?

What is pretty good is the unknown unknowns. It's the anomalies to the norm and the intelligence behind it that helps us to dig through a mountain of data and find the stuff that's important to us. It… more »

How has it helped my organization?

We don't have very much in the way of IDS or IPS on our estate, so we're relying on Vectra AI to do that sort of work for us. We're allowing that to look at our traffic and to flag up to us on our… more »

What needs improvement?

The false positives and the tuning side of it are some things that could use improvement but that could be from our side. I don't want to criticize the product for performance with our rollout of it… more »

What's my experience with pricing, setup cost, and licensing?

They compare very favorably against the competition in terms of price. Nothing in this area is cheap. There is a lot of value in the products that you're buying, but they have come in at the right… more »

Which solution did I use previously and why did I switch?

We didn't have anything in place before Vectra AI. I have used another solution in the past. I used Darktrace where I was before. It compares very favorably with Darktrace. I wouldn't say it was any… more »

What other advice do I have?

My advice would be to make sure it is planned and deployed properly. That's a problem with my organization, not a problem with Vectra AI. Otherwise, if you don't build it to the specifications that… more »

What is Vectra AI?

Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.

Also known as
Vectra Networks, Vectra AI NDR
Vectra AI customers

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association