Darktrace

We use Darktrace's NETWORK and EMAIL services to monitor for and act upon anomalous activity. Their use of AI algorithms allows the detection system to instantly halt all threatening traffic. In addition, the EMAIL service uses similar technology to weed out malicious email, perform email link locking and blocking, and more to keep your users and network safe.

• They will negotiate on pricing if you're insistent
• Expect 5%+ price increase for each year across the contract

Palo Alto Networks Advanced Threat Prevention, Palo Alto Networks Advanced URL Filtering and Palo Alto Networks Cortex XDR

Palo Alto Networks Cortex XDR, Palo Alto Networks Advanced Threat Prevention, Palo Alto Networks Advanced URL Filtering

We installed Darktrace to scan our network traffic to identify anomalies and potential threats. The install was reasonable as the device just requires a TAP port. (I recommend giving it the fastest tap you can.) The device learned for a few weeks and then switched into identification mode, altering us to non-standard activity.

• There were a few critical times where the network scanning identified the source of issues we suspected, but could not pin down
• At least one time the device provided detailed information we would not have found any other way

Sophos Managed Detection and Response

We have been using Darktrace for Threat Detection, Network Visibility, Antigena features/PREVENT for automated responses and to be in compliance. It's AI and ML capabilities to continuously monitor network traffic and user behavior are exceptional. It gives an in-depth visibility to our network. We have integrated it with Microsoft365 for Emails which helps detect phishing emails, malicious attachment blocking, spam filtering and malicious link blocking.

• Antigena for network
• Antigena for Email
• Malicious link blocking
• Machine learning model

• Positive impact: Early Threat Detection
• Positive impact: Reduced Manual Effort
• Positive impact: Compliance Assistance
• Positive impact: Improved Incident Response
• Positive impact: Reduced Downtime
• Negative impact: Training and Skill Requirements
• Negative impact: False Positives
• Negative impact: Implementation Costs

Symantec Advanced Threat Protection and Palo Alto Networks Next-Generation Firewalls - PA Series

Palo Alto Networks Next-Generation Firewalls - PA Series, Microsoft 365, AWS Backup

The Darktrace's Threat Visualizer leverage an enterprise immune system technology to detect and respond to network activity in a way that is intended for use by security operation centres, threat analysts, and network security experts. Business problems Darktrace helps us address; -

<ul><li>The Threat Visualizer employs the underlying AI models to dynamically detect threats that are actually abnormal in the increasingly complex threat landscape, enabling us at the SOC to concentrate attention and expertise where it is needed. </li><li>

</li><li>The Threat Visualizer gives us a visual representation of all network activity and connections—both internal and external—between all machines and users, allowing us to observe how the network is flowing. </li><li>It functions on a broad scale, highlighting various hazards and anomalies for the analyst's attention, and on a more specific one, enabling you to drill down.</li></ul>

• Threat visualizer
• Self -learning Al model
• Darktrace UEBA antigen model -
• Darktrace AI analyst feature.
• self-quarantine and alerting feature.

• It has increase business process
• Decision making process improvement.
• Meeting regulator and industry wide compliance.
• Acquiring industry known business certification.
• Boost customer confidence .

Cisco Secure Network Analytics

Cisco Secure Network Analytics, Trellix Detection as a Service, NetWitness Network

We use Darktrace Antigena email to protect our employees from any threat that can arrive by email. Our email provides, does an initial filtering, but not enough to provide a good security solution. Antigena email provides machine speed to analyze and block if necessary, using AI.

• Block any threat before it impact you.
• Good dashboard.
• Really interesting metrics.
• Easy to use and integrate with your current email provider.
• DLP

• Protected us from ransomware attacks.
• Protected us from phishing attacks.
• Protected us from several malicious campaigns against us.
• Helps in DLP area, you can see who's sending emails outside organization.

Barracuda Email Security Gateway and Proofpoint Email Protection

Hyper-V, TeamViewer, Veeam Data Platform Foundation, Rydoo, Adobe Acrobat, VMware Cloud Director, Fortinet FortiGate, ManageEngine ServiceDesk Plus