TrustRadius
Darktrace, from the global UK-headquartered company of the same name, is network security technology.https://dudodiprj2sv7.cloudfront.net/product-logos/l7/9I/OIITXAOLZ567.jpegDarktraceDarktrace offers an excellent AI engine can answer that question "Do I have malicious traffic in my network?"2018-09-17T16:52:07.211ZWe use Darktrace in our main office. It helps us meet security assessment requirements of our clients that want to know how we know if there are bad actors in our environment.,Its very strong in recognizing unusual traffic. It learns what is normal and what is not normal.
It helps to show if our users are hitting malicious websites or not. That is a nice bonus to help with our security awareness and know if our training is doing its job.
Their weekly reports to us help highlight the most egregious traffic on our network. They are an extra set of eyes for us.,You have to have an appliance on each segment of your network. If you are not back hauling your traffic to your central data center, then each location has to have an appliance in order to cover that location.
They gather so much detailed information that it is hard at time to decipher what I'm looking at.
The way they name actions is unusual and should be changed. They need to label the parts of network traffic better.,7,One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.,,Centrify Application Services, KnowBe4 Enterprise Awareness Training Program, ZendeskVerified UserWhy I didn't pick Darktrace2018-01-12T16:53:30.221ZBrought it in to act as an intelligence gatherer for network traffic - specifically to look for anomalies and help identify potential threats and suspicious activity. I installed it at the network core, so it was able to view all traffic (well, mostly all traffic - we had a few issues with some of the VLANs and my switches are configured for fault tolerance, which it also had an issue with) moving from inside to outside.,It did an ok job of analyzing and collecting data. It used a span (mirrored) port and then using its own algorithm developed flow records.
It did an ok job of segmenting traffic into networks - not always correctly, but ok.
It tried to identify devices by type - once again, it did ok, but not that great.,Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112).
Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything.
Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.,2,None - we chose not to move forward. The price of the product did not warrant the investment.,AlienVault OSSIMMatt FredericksonDarkTrace is great for small to medium size businesses2018-01-12T16:57:45.747ZWe needed a better insight into network security threats that might be in our organization. DarkTrace provides an invaluable service of not only giving us the ability to dig deep into possible network intrusions but also has a weekly summary of possible network security issues. One of the main reasons we chose DarkTrace was that they provided the weekly report put together by a security professional. We review this weekly report and take action as needed.,Network Security
Security Analysis
Threat Detection
Whole Packet Capture,Initial configuration
Security Analyst timely response to questions
GUI,9,We had an ROI just during the POC. DarkTrace helped us identify a ransomware attack and we stopped it before it happened.
The weekly reports more than pay for itself within the first few months.
The powerful search capability helps us solve problems where other solutions fall short.,,Splunk LightVerified User
Unspecified
Darktrace
6 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
