Likelihood to Recommend

Darktrace is a product well suited for the vast majority of infrastructures and helps monitor and respond to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally; of course, it can be technically difficult to monitor an entire On-Cloud infrastructure, but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.

Very stable and cost-effective. Better integration with leading database vendors would be great; this would address features that are missing like x-windows support and concurrent secure file transfers. Patching is relatively fast and not as frequent as other vendors (with no impact on adherence to security best practices). Very easy to install and low storage footprint.

Pros

Uses its AI model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network. Provides a visualisation of both egress and outbound network traffic flowing in and out of the organisation. Darktrace comes with its autonomous AI model detection and response capabilities. Darktrace, as an AI next generation NDR solution, prevents, contains and quarantines malicious traffic from and into the corporate network.

Most up to date secure/encryption technology. Very fast to set up and maintain. Supported by all major hardware platforms (Microsoft, Linux).

Cons

There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.

X-windows support could be more robust. Virtual shell adaptation could be improved. Greater concurrency for large secure transmissions would be a great add-on.

Likelihood to Renew

It's a powerful product that helps administrators to provide email security to our organization.
Good metrics about received emails that help us to determine, in case of doubt, whether the email is a false positive or malware.
They're improving the product by releasing continuous updates and have a mobile phone app to manage it.

Usability

Darktrace comes with a simple usability interface with easy navigation and organisation.

Support Rating

Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.

The support organization is active, and so are the online community boards. There have been no significant issues that haven't been able to be quickly addressed by either online documentation or F-Secure support. Easy-to-use diagnostic tools and information gathering make problem analysis fast. Phone support can be different due to time zone differences, but this has not been a major issue.

Alternatives Considered

We did NOT select Darktrace.
OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built from engineers who have had to do the work. My suggestion for anyone considering Darktrace is to get the price upfront; do a 30/60 onsite trial; and do the same thing, at the same time, with AlienVault. AlienVault will win every time. I say that because that's exactly what I did.

This suite of software does not have any mentionable competition, in my opinion. It adheres to current security protocols, infrequent patching requirements, low IT overhead, and ongoing support are exemplary. Robust documentation and online community boards help keep support and maintenance transparent and efficient. Legacy support for older OS' is quite useful. Simplicity when onboarding into custom hybrid network configurations is also vital.

Return on Investment

One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network. If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind. You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.

Very low cost. Low IT overhead (very low network bandwidth, CPU, storage utilization). Supported by all major hardware vendors.