Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
HCL BigFix
Score 7.1 out of 10
N/A
BigFix, now supported by HCL Technologies since the acquisition of BigFix from IBM in 2018, is an endpoint management solution providing endpoint visibility and IT asset discovery, automated endpoint patching (BigFix Lifecycle and BigFix Patch) policy enforcement (BigFix Compliance), and software asset discovery for licensed and unlicensed software (BigFix Inventory).
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
Patch Management for Diverse Devices: HCL BigFix is ideal for organizations with a diverse range of devices, including laptops, desktops, cloud, virtual machines, and mobile devices. Its endpoint management functionality enables seamless patching across various operating systems such as Windows, MacOS, ChromeOS, and Linux.
Comprehensive Patch Management: With HCL BigFix, organizations can achieve comprehensive patch management across their IT infrastructures. It ensures that all endpoints, regardless of the operating system, receive timely and secure patches, reducing vulnerabilities and enhancing overall security.
Troubleshooting and Monitoring: HCL BigFix excels in providing a dashboard that effectively displays problematic and functional machines. This feature allows IT teams to quickly identify and address issues, improving overall troubleshooting efficiency. However, there are some scenarios where HCL BigFix may be less appropriate or areas for improvement: 1. Coverage Expansion: It is important for HCL BigFix to continue expanding its coverage to include all possible resources installed within the IT infrastructure. Ensuring comprehensive coverage can enhance its effectiveness. 2.On-Site and OS Upgrades: Optimizing the process of on-site and operating system upgrades can help streamline the deployment process further. Improvements in this area would contribute to a smoother and more efficient upgrade experience. 3.Communication Speed: Enhancing the speed of communication between the HCL BigFix agent and the server can help improve the overall responsiveness and efficiency of the solution.
Pricing Optimization: Adjusting the pricing of HCL BigFix to be more cost-effective would make it more accessible and attractive to organizations of different sizes and budgets.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
We have significantly enhanced our ability to patch desktops, including laptops, desktop, cloud, virtual machines and other mobile devices used by end-users. BigFix's endpoint management functionality allows us to seamlessly patch a wide range of operating systems, such as Windows, MacOS, ChromeOS, and Linux systems, ensuring comprehensive patch management across IT infrastructures. We have established a track record of delivering secure and hassle-free patching solutions to our clients
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
