TrustRadius
Darktrace headquartered in San Francisco provides enterprise network security with its machine learning autonomous network traffic analysis (NTA) software, providing an "Immune System" that detects novel or insider threats arising from malicious behavior.Darktrace offers an excellent AI engine can answer that question "Do I have malicious traffic in my network?"We use Darktrace in our main office. It helps us meet security assessment requirements of our clients that want to know how we know if there are bad actors in our environment.,Its very strong in recognizing unusual traffic. It learns what is normal and what is not normal. It helps to show if our users are hitting malicious websites or not. That is a nice bonus to help with our security awareness and know if our training is doing its job. Their weekly reports to us help highlight the most egregious traffic on our network. They are an extra set of eyes for us.,You have to have an appliance on each segment of your network. If you are not back hauling your traffic to your central data center, then each location has to have an appliance in order to cover that location. They gather so much detailed information that it is hard at time to decipher what I'm looking at. The way they name actions is unusual and should be changed. They need to label the parts of network traffic better.,7,One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network. If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind. You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.,,Centrify Application Services, KnowBe4 Enterprise Awareness Training Program, ZendeskWhy I didn't pick DarktraceBrought it in to act as an intelligence gatherer for network traffic - specifically to look for anomalies and help identify potential threats and suspicious activity. I installed it at the network core, so it was able to view all traffic (well, mostly all traffic - we had a few issues with some of the VLANs and my switches are configured for fault tolerance, which it also had an issue with) moving from inside to outside.,It did an ok job of analyzing and collecting data. It used a span (mirrored) port and then using its own algorithm developed flow records. It did an ok job of segmenting traffic into networks - not always correctly, but ok. It tried to identify devices by type - once again, it did ok, but not that great.,Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112). Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything. Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.,2,None - we chose not to move forward. The price of the product did not warrant the investment.,AlienVault OSSIMDarkTrace is great for small to medium size businessesWe needed a better insight into network security threats that might be in our organization. DarkTrace provides an invaluable service of not only giving us the ability to dig deep into possible network intrusions but also has a weekly summary of possible network security issues. One of the main reasons we chose DarkTrace was that they provided the weekly report put together by a security professional. We review this weekly report and take action as needed.,Network Security Security Analysis Threat Detection Whole Packet Capture,Initial configuration Security Analyst timely response to questions GUI,9,We had an ROI just during the POC. DarkTrace helped us identify a ransomware attack and we stopped it before it happened. The weekly reports more than pay for itself within the first few months. The powerful search capability helps us solve problems where other solutions fall short.,,Splunk Light
  3. Darktrace Reviews
Unspecified
Darktrace
8 Ratings
Score 7.2 out of 101
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>TRScore

Darktrace Reviews

Darktrace
8 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow'>trScore algorithm: Learn more.</a>
Score 7.2 out of 101

Do you work for this company? Manage this listing

Show Filters 
Hide Filters 
Filter 8 vetted Darktrace reviews and ratings
Clear all filters
Overall Rating
Reviewer's Company Size
Last Updated
By Topic
Industry
Department
Experience
Job Type
Role
Show All Filters
More Filters 
Less Filters 

Reviews (1-3 of 3)

Do you use this product? Write a Review
No photo available
September 17, 2018

Darktrace offers an excellent AI engine can answer that question "Do I have malicious traffic in my network?"

Verified User
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use Darktrace in our main office. It helps us meet security assessment requirements of our clients that want to know how we know if there are bad actors in our environment.
  • Its very strong in recognizing unusual traffic. It learns what is normal and what is not normal.
  • It helps to show if our users are hitting malicious websites or not. That is a nice bonus to help with our security awareness and know if our training is doing its job.
  • Their weekly reports to us help highlight the most egregious traffic on our network. They are an extra set of eyes for us.
  • You have to have an appliance on each segment of your network. If you are not back hauling your traffic to your central data center, then each location has to have an appliance in order to cover that location.
  • They gather so much detailed information that it is hard at time to decipher what I'm looking at.
  • The way they name actions is unusual and should be changed. They need to label the parts of network traffic better.
It's excellent at using its AI engine to learn your environment when it first gets set up. Then over time it know what it has seen in the past and what it hasn't, so you can investigate what could be malicious traffic or not. It shouldn't be considered the end all, be all for networking monitoring, but just another tool to use.
Read this authenticated review
Matt Frederickson profile photo
January 12, 2018

Why I didn't pick Darktrace

Matt Frederickson
Score 2 out of 10
Vetted Review
Verified User
Review Source
Brought it in to act as an intelligence gatherer for network traffic - specifically to look for anomalies and help identify potential threats and suspicious activity. I installed it at the network core, so it was able to view all traffic (well, mostly all traffic - we had a few issues with some of the VLANs and my switches are configured for fault tolerance, which it also had an issue with) moving from inside to outside.
  • It did an ok job of analyzing and collecting data. It used a span (mirrored) port and then using its own algorithm developed flow records.
  • It did an ok job of segmenting traffic into networks - not always correctly, but ok.
  • It tried to identify devices by type - once again, it did ok, but not that great.
  • Really had a poor time of identifying devices and what the device's purpose was - a simple nmap scan did a better job. The problem is they expect you to fine-tune the results - which is exactly what you would expect - but day one it found over 2,000 servers (and I only have 112).
  • Really had a hard time separating network traffic into locations - I use distinct subnets for my buildings, but there was no good way to create a logical map of my traffic internally. Did not garner a sense of trust that it was seeing everything.
  • Sat through a few "analyst" reports - which showed me possible threats in my environment. I am already using a few open source tools, and they actually found more than the analyst reports. Also, there was no way to get the reports on your own - you had to work through their analysts to get the information.
In my opinion, based on what I saw, the product is not ready for prime time yet. The GUI interface was slick but very difficult to use. There was no reporting capability. There was no availability to integrate other products or share data easily. The people were very nice and easy to work with - but in my opinion, no one who worked on developing the product has spent any time on a day-to-day basis in the trenches. While I get the brain trust behind the product (and it is very, very impressive), there is still a disconnect between the developers and the end-users. For the cost of the product (quite expensive), the end user base is not going to be satisfied with the product, especially since I can get the same, and better, information from other products.
Read Matt Frederickson's full review
No photo available
January 12, 2018

DarkTrace is great for small to medium size businesses

Verified User
Score 9 out of 10
Vetted Review
Verified User
Review Source
We needed a better insight into network security threats that might be in our organization. DarkTrace provides an invaluable service of not only giving us the ability to dig deep into possible network intrusions but also has a weekly summary of possible network security issues. One of the main reasons we chose DarkTrace was that they provided the weekly report put together by a security professional. We review this weekly report and take action as needed.
  • Network Security
  • Security Analysis
  • Threat Detection
  • Whole Packet Capture
  • Initial configuration
  • Security Analyst timely response to questions
  • GUI
Recommend: for a company with limited security resources that needs a better look into possible network intrusions. Not suited for: a company that has a full SOC staff that has time and resources to dedicate to network security threats.
Read this authenticated review

Darktrace Scorecard Summary

Likelihood to Recommend (8)
7.2

About Darktrace

Darktrace headquartered in San Francisco provides enterprise network security with its machine learning autonomous network traffic analysis (NTA) software, providing an "Immune System" that detects novel or insider threats arising from malicious behavior.
Categories:  Network Security,  Network Traffic Analysis (NTA)

Darktrace Technical Details

Operating Systems: Unspecified
Mobile Application:No