Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
Mandiant Advantage Attack Surface Management
Score 9.0 out of 10
Enterprise companies (1,001+ employees)
Since 2004, Mandiant has been a partner to security-conscious organizations. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
N/A
Pricing
Darktrace
Mandiant Advantage Attack Surface Management
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Darktrace
Mandiant Advantage Attack Surface Management
Free Trial
No
Yes
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
Yes
Entry-level Setup Fee
No setup fee
Required
Additional Details
—
—
More Pricing Information
Community Pulse
Darktrace
Mandiant Advantage Attack Surface Management
Features
Darktrace
Mandiant Advantage Attack Surface Management
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Darktrace
-
Ratings
Mandiant Advantage Attack Surface Management
7.7
1 Ratings
4% below category average
Network Analytics
00 Ratings
8.21 Ratings
Threat Recognition
00 Ratings
7.31 Ratings
Vulnerability Classification
00 Ratings
7.31 Ratings
Automated Alerts and Reporting
00 Ratings
8.21 Ratings
Threat Analysis
00 Ratings
8.21 Ratings
Threat Intelligence Reporting
00 Ratings
6.41 Ratings
Automated Threat Identification
00 Ratings
8.21 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
Many companies that have an presence can benefit from using Mandiant ASM to identify and manage their internet facing assets, like web servers, email servers and DNS servers. This helps reduce the risk of cyberattacks targeting these assets.However smaller organizations with exposure might not always need the extensive attack surface monitoring provided by Mandiant ASM. For example a small company with one website may not require much monitoring, as a larger corporation.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
Mandiant ASM combines sources of information such, as assets through the internet cloud resources and suppliers from third parties. This comprehensive approach provides organizations with an understanding of their external attack surface.
With scanning Mandiant ASM identifies threats and vulnerabilities present on the external attack surface and promptly notifies users. Whenever a new threat or vulnerability is detected an alert is generated to empower enterprises to take action in mitigating the risks.
Mandiant ASM assesses risks based on their likelihood of exploitation impact on organizations and severity. This prioritization enables organizations to focus their efforts, on addressing the risks effectively.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
To enhance user experience it would be beneficial to make the interface more user friendly and easier to navigate. This can be achieved by simplifying the layout offering help when needed and utilizing terminology that's easily understandable.
Additionally incorporating reporting features that are customizable will empower users to generate reports tailored to their individual requirements.
In order to enhance the solutions efficiency optimizing the code and implementing data structures would prove valuable.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
I decided to go with Mandiant Advantage Attack Surface Management because it offers a range of features performs excellently and is easy to use. What I really appreciate about Mandiant is their commitment, to innovation and their proven track record, in ensuring security.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
Automation plays a role in saving time by streamlining operations related to attack surface management. These include automated asset discovery, vulnerability scanning and continuous monitoring of threat intelligence. As a result security teams can allocate their efforts towards projects such as security planning and incident response.
ASM provides a view of the external attack surface, for businesses encompassing internet facing assets, cloud resources and third party vendors. This enhances the understanding of assets enabling organizations to identify and prioritize risks effectively and make decisions on security investments
One notable advantage is cost savings. By eliminating the need to purchase and maintain security tools ASM becomes a solution for enterprises. It can replace products, like asset discovery tools, vulnerability management tools and threat intelligence feeds with its capabilities.