Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
Microsoft Purview Data Loss Prevention
Score 7.9 out of 10
N/A
Microsoft Purview Data Loss Prevention is used to provide intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams, and on the endpoint. It also helps prevent data loss through identifying and preventing risky or inappropriate sharing, transfer, or use of sensitive data on endpoints, apps, and services.
N/A
Pricing
Darktrace
Microsoft Purview Data Loss Prevention
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Darktrace
Microsoft Purview Data Loss Prevention
Free Trial
No
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Darktrace
Microsoft Purview Data Loss Prevention
Features
Darktrace
Microsoft Purview Data Loss Prevention
Data Preparation
Comparison of Data Preparation features of Product A and Product B
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
It's definitely best for customers. If your main collaboration tools are hosted on Microsoft 365, and your company uses M365, this is a no-brainer. So this integrates pretty nicely with all Microsoft applications. So it becomes a no-brainer to go with this. Less appropriate would be like if you already are using another solution to do classification, I would still stick to Microsoft Purview Data Loss Prevention being that classification, but if you want to use it in the scenarios where you already have a tool and you're classifying documents, data, using that tool and you want Microsoft Purview Data Loss Prevention just to label and apply protection documents that is also supported, but the comprehensiveness, the end-to-end story would still be missing if you're investigating an incident.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
The ability to create groups of people that would access a certain label, having been able to organize the data access to the document access, and protecting repositories with the same level of criticality, regardless of where they're located in the company. That's quite good because we had a lot of document distribution, and it helped provide the same layer of protection regardless of where they're stored.
The other good thing is that it provided traceability of what was going on with the label. So I could understand how many people were trying to access a document that weren't meant to. So it gave me an idea of how well protection was working, not only because people who did have access accessed it, but also I could trace that people who didn't have access couldn't do it.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
I'd say over the last couple of years, there have been some great advancements in Microsoft Purview Data Loss Prevention, so I really do like that. I think some of the challenges I see with Microsoft Purview Data Loss Prevention today are in the first-party world; it does provide some real-time capabilities, but the alerting on DLP has a big lag. And some of our customers, actually, one of my customers in particular, whom I advise heavily, ran into a situation where they were getting hours of delays when they were getting critical, sensitive alerts. So being able to provide that in a more real-time way for both internal use within Microsoft and for third-party products, I think, would be significantly impactful. E-share, as a platform, also uses DLP in order to automate our policy, as I mentioned before. And some of that is a challenge because some of the capabilities we do need real-time information for aren't exposed to us based on the current capabilities that Firmy provides.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
Just because it's so easy to navigate and, for the most part, even areas that I don't know about, the support channels are very clear and concise, and they respond very quickly to whatever I need. They'll guide me through whatever I don't understand, and sometimes there are a lot of things added in there.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Symantec or now? Brocom. Forcepoint, GPV. I'm trying to think of, there's a couple more. I can't think of the top of my head. I would say closer to the bottom then rather than the top. So because of the fact that yes, it integrates well. But in terms of the actual functionality of DLP, there are other requirements that they just don't have the features for yet.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
Microsoft Purview Data Loss Prevention is included within the E5 license suite providing value to organizations who are using Microsoft technologies for their organization.
Provides the most extensive integration for Microsoft technologies.
Highly effective for building out a Data Security program and reducing risk exposure associated with data exfiltration.
Provides cross collaboration between assurance functions in a company (Security, Privacy, Risk, Audit)
