How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use it to protect IoT devices. Darktrace does network traffic analysis. So, by analyzing all traffic patterns in your environment, you can detect any type of anomalous activity, as far as the network is concerned. I have been using its latest version. Its deployment depends on the environment. It can do sensors in the cloud, and it can also do on-prem.
Darktrace is used for cybersecurity, you can buy it as a physical appliance or solution as a service on the cloud. I tried the on-premises solution to detect any threat over our network.
We are primarily using the solution for network monitoring as well as cybersecurity.
I use it for my business. Within our organization, there are around 500 people using this solution. We want to continue using Darktrace but it's very expensive.
I'm currently heading cybersecurity for 1,500 entities. Some of them have deployed Vectra, and some of them have deployed Darktrace. Darktrace has been in the UK market for a while, whereas Vectra is a not-so-old player in the UK market. We are using the latest version of Darktrace but not their latest offering. They are now also providing email security over the Darktrace platform, but we have not been utilizing that. We have been utilizing their network detection and response and some part of automated incident response (IR) capability. We have a hybrid infrastructure. Some centers are deployed in the cloud, and some centers are deployed on-prem. The management platform is currently on-prem, but the plan is to move it to SaaS.
We have Antigena on the email, and we also use the network monitoring capabilities. We are using the latest version of the Antigena Email and AI analytics platform.
Darktrace is deployed on our LAN, inside the network. No site, no internet, it's just for monitoring the LAN, local access network. It helps us to find a lot of threats inside the network. We are very happy with the solution. You don't need to have a lot of analysts with Darktrace who are making or following the incident. This solution helps you to send the notification and avoid threats.
Our primary use case of this solution is for visibility. We try to get the global view of our network from an audit perspective on any given day, and figure out how that will impact our business. I'm a project coordinator and we are customers of Darktrace.
We mostly use it for investigating cases. It is deployed on-premises. We have some new projects for this year to extend Darktrace to the cloud.
We are using it for proof of concept purposes. We are using it to monitor all traffic on our network, and it is analyzing the traffic. We have 5,000 users. We are using the latest version.
We are using this solution for both the detection and elimination of attacks.
We deployed Darktrace for one of the biggest telecommunications companies in Latin America. It is deployed on-premise, but it is more like a service because we don't care about the appliances. Even though it works with appliances, it is more related to the services to the connections that the solution can handle. Because of that, it is on-premise, but it also has a component with sensors that works for remote instances, almost like a cloud solution. Some of the clients, especially in the security area, think that this appliance will replace a firewall or a prevention system solution, but it doesn't replace them. It actually complements them because the firewall decides to allow or deny a connection, and a prevention system is designed to avoid any type of risks to the connection or intrusion on the network. Darktrace allows you to find the unknown threats inside the network and identify them by using some artificial intelligence. It can do all the tracking inside or outside the network. It is connected directly to the core switch, and in the first stage, it probably takes about a month to learn the behavior of the network and the users. With that, it starts to know what type of information is correct inside the network, and what type of information probably would be a risky connection or risky data moving from one site to another. It then starts doing the alerting. After the first stage or the learning stage is complete, we can find the size of the network. The second stage is the use of a different model inside the solution called Antigena. It works like the antibodies inside our body. Once it detects something that is wrong inside the network, it not only does the alerting but also takes the decision to block that type of connection in order to avoid any information leak or any possible risky connection. If somebody is doing some data mining, it disables connection to the engine that is doing the data mining.
We are a system integrator and we pose solutions, including this one, to our clients. It is mainly used to reinforce response capabilities with respect to network security.
The primary use case for Darktrace is for tracking intruders and alerting for network threats.
I am working with Darktrace in concert with F5, Tufin, and SAP security products.
Darktrace makes up part of our security solution and it is able to operate without intervention from IT staff.
I'm a customer data security manager and we are looking at replacing our current solution, McAfee, with something like Darktrace or CrowdStrike which will provide the same visibility with the endpoint protection aspect.
Generally, we use Darktrace for behavioral analytics. We use it in the inner-network and the outside network for malicious connectivity. Darktrace gives us support with networks. We follow all the notifications and sometimes we block malicious IPs from the firewall.
Primarily we use the solution to spot problems that cannot be found by other solutions.
Our primary use case of this solution is for endpoint data and we've had good results with Darktrace.
We use it to deploy to enterprise customers to provide them with a complete, reliable and intelligent threat detection and response system.
Our primary use case of this solution is to monitor lateral traffic.
* Security * Network visibility * Breach detection in a VMware environment of about 25 VMs.
Let the community know what you think. Share your opinions now!