Darktrace

Overview

What is Darktrace?

Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for…


Pricing

N/A
Unavailable

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Alternatives Pricing

What is OpenNMS Meridian?

OpenNMS Meridian is a scalable open source network management platform with network traffic analysis, network discovery, alerting, and monitoring. It's presented as a solution to monitor enterprise network performance and ensure the availability and performance of critical network services.

Product Demos

  • Darktrace - Zero Trust Lab Demo (YouTube)
  • DEMO DARKTRACE Darktrace Cyber AI Platform (YouTube)
  • Darktrace CSRF exploit (CVE-2019-9596 and CVE-2019-9597) (YouTube)
  • Grove Cybersecurity - Darktrace testimonials (YouTube)
  • Darktrace Respond Network Overview/Darktrace Antigena Demo (YouTube)

Product Details

What is Darktrace?

Darktrace Cyber AI Loop helps users reduce risk and harden security. The Darktrace Cyber AI Loop is built on continuous feedback and an interconnected understanding of the enterprise. Darktrace monitors and protects people and digital assets across the IT ecosystem. Self-Learning AI learns normal patterns of life to identify the malicious behaviors that don't belong.

Darktrace Features

  • Supported: Virtual deployment
  • Supported: Integrations: Darktrace is designed with an open architecture to complement an existing infrastructure.
  • Supported: Self-learning to understand the human, not just the email address

Darktrace Video

Darktrace 6: Loop Ready

Darktrace Technical Details

  • Operating Systems: Unspecified
  • Mobile Application: No

Frequently Asked Questions

Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.

The most common users of Darktrace are from Mid-sized Companies (51-1,000 employees).

Reviews and Ratings

(68)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources.

The Threat Visualizer has proven to be an invaluable tool for security operation centers, allowing them to focus on critical issues amidst the complex threat landscape. Users have praised its AI models for effectively detecting abnormal threats and potential security breaches. With its visual representation of network activity and connections, the Threat Visualizer enables users to observe the flow of the network, providing crucial insights into potential vulnerabilities.

Darktrace Antigena email, a component of Darktrace's suite of security solutions, has been commended for its real-time threat analysis and blocking capabilities. This feature enhances email security by identifying and mitigating potential threats before they can cause harm.

Darktrace's role as an intelligence gatherer for network traffic has been highly appreciated by customers, who value its ability to identify anomalies and potential threats. Organizations have also benefited from Darktrace's capability to track suspicious activity and unauthorized access, enabling them to take prompt action and mitigate any potential risks. The integration of Darktrace with other security and monitoring tools such as Splunk and SolarWinds has further enhanced its effectiveness in comprehensive threat detection and response.

With its scalability and robust monitoring capabilities, Darktrace has become a popular choice in the market. By constantly monitoring networks and triggering alerts for abnormal behavior, it provides organizations with thorough system monitoring that is essential in today's digital landscape. With packet captures for analysis and a mobile app for monitoring alerts on the go, Darktrace offers convenience and flexibility to its users. Additionally, Darktrace's provision of a weekly summary of network security issues delivers valuable insights that help organizations stay ahead of potential threats.

Customers appreciate how Darktrace's AI and ML capabilities continuously monitor network traffic and user behavior, enhancing overall network visibility. The product integrates seamlessly with Microsoft 365 for email security, successfully identifying phishing emails and blocking malicious attachments and links. One key advantage that users have noted about Darktrace is its ease of installation. It provides organizations with deep insights into network activity, including obsolete protocols and Data Loss Prevention breaches. In addition to meeting security assessment requirements, Darktrace helps organizations proactively identify potential threats in their environment. Overall, the Threat Visualizer and Darktrace's suite of security solutions have been highly regarded for their ability to provide comprehensive threat detection and response, enhancing overall network security.

Comprehensive AI-based NDR solution: Users have found Darktrace to be a comprehensive AI-based network detection and response solution. Several reviewers appreciate its ability to detect anomalies in user behavior as well as network infrastructure like routers, servers, and endpoints.

Effective prevention of malicious traffic: Many users highly appreciate Darktrace's autonomous AI model detection and response capabilities. They applaud its effectiveness in preventing, containing, and quarantining malicious traffic in the corporate network.

Valuable security features: Darktrace's ability to block malicious attachments and phishing emails is regarded as a valuable feature by users. They find it reassuring that Darktrace provides excellent security to corporate email systems, enhancing overall cybersecurity measures.

Confusing User Interface: Some users have found the user interface to be confusing, suggesting a need for improvement in the UI language.

Excessive Blocking: Several users experienced excessive blocking, making the software overly restrictive.

Difficulty Removing Emails: Users mentioned that removing an email from the inbox took too much time.

Inaccurate Device Identification: One user had a poor experience with device identification, stating that a simple nmap scan performed better.

Lack of Comprehensive Network Traffic Mapping: The software was criticized for not providing a good way to create a logical map of network traffic between subnets.

Limited Threat Detection and Reporting: Some users expressed concerns about inaccurate threat detection and incomplete reporting capabilities when compared to open-source tools.

Reviews

(1-5 of 5)

If you want to unleash the Power of AI for Threat Detection, go for Darktrace

Rating: 9 out of 10
May 01, 2024
Verified User
Vetted Review
Verified User
Darktrace
4 years of experience
We have been using Darktrace for Threat Detection, Network Visibility, Antigena features/PREVENT for automated responses and to be in compliance. Its AI and ML capabilities to continuously monitor network traffic and user behavior are exceptional. It gives in-depth visibility into our network. We have integrated it with Microsoft 365 for emails, which helps detect phishing emails, malicious attachment blocking, spam filtering and malicious link blocking.
  • It detects anomalies or deviations from this baseline, and it can raise alerts or take automated actions to investigate and mitigate the issue.
  • Its "Antigena" feature can take automated actions in response to detected threats. You can have Antigena for both network and emails, and the system will do the blocks on its own.
  • It integrates with Microsoft 365 to identify and respond to email-based threats, including phishing attempts and malicious attachments.
It's best suited for network anomaly detection and prompt action via Antigena for network. It's also best suited for email security and malicious email detections. Since the detections are AI based, you may get some false positives from time to time. Right after implementation it's difficult to handle due to its learning behavior. Requires some time to learn. It's not the best for intrusion prevention scenarios but does a great job for threat detections.
  • Antigena for network
  • Antigena for Email
  • Malicious link blocking
  • Machine learning model
  • Positive impact: Early Threat Detection
  • Positive impact: Reduced Manual Effort
  • Positive impact: Compliance Assistance
  • Positive impact: Improved Incident Response
  • Positive impact: Reduced Downtime
  • Negative impact: Training and Skill Requirements
  • Negative impact: False Positives
  • Negative impact: Implementation Costs
Darktrace is better in terms of scalability, ease of integration, and ongoing support
50
IT Security
IT Infrastructure
IT Service Desk
5
Network and Communication
Email/SMTP
TCP/IP
Services & Protocols
IT Security
  • Network Security
  • Email Security
  • Model Breach Alerts
  • Auto Actions via Antigena

Darktrace Antigena email a good solution to protect corporate email.

Rating: 10 out of 10
October 06, 2023
AR
Vetted Review
Verified User
Darktrace
1 year of experience
We use Darktrace Antigena email to protect our employees from any threat that can arrive by email. Our email provider does an initial filtering, but not enough to provide a good security solution. Antigena email provides machine speed to analyze and block if necessary, using AI.
  • Block malicious attachments.
  • Block phishing emails.
  • Provide awesome security to corporate email.
  • Good analytics and metrics about emails.
  • Block any threat before it impacts you.
  • Good dashboard.
  • Really interesting metrics.
  • Easy to use and integrate with your current email provider.
  • DLP
  • Protected us from ransomware attacks.
  • Protected us from phishing attacks.
  • Protected us from several malicious campaigns against us.
  • Helps in DLP area, you can see who's sending emails outside organization.
Cybersecurity: Email protection.

Antigena email is a way to secure the email using AI. The product gives you metrics and a score rating that can help administrators to know if an email is potentially malicious, why and stop it.
3
Darktrace has free training courses that are very important to follow to understand how the product works and how to use it.
It's recommended you have some cybersecurity knowledge, and email administrator skills.
  • Email protection using AI
  • DLP
  • Statistics
  • Easy to use dashboard. Programmable reports
  • Data Loss prevention
  • Metrics about email campaigns against us
  • IaaS protection
It's a powerful product that helps administrators to provide email security to our organization.
Good metrics about received emails that help us to determine, in case of doubt, if the email is a false positive or it's malware.
They're improving the product by releasing continuous updates and have a mobile phone app to manage it.

Darktrace - Some Shortcomings

Rating: 1 out of 10
November 11, 2021
JK
Vetted Review
Verified User
Darktrace
2 years of experience
We implemented Darktrace 2 years ago for our organisation of approximately 350 users. The system was identified as a smart learning AI system that would protect the business against a range of cyberattacks.
  • Very Clever Marketing
  • Clever use of the AI
I would warn any IT manager against this system. It is frustrating. Support is very poor and slow. Changes do not get implemented. We are removing the system and looking elsewhere. Ask yourself, how smart is a system that simply uses your existing mail history to determine if it will accept the next email? The system has no ability for the users to identify false positives or train it. It places a lot of pressure on the help desk. I question where the AI lies.
  • Intelligent mail scanning
  • Threat minimization
  • The system has cost the business money in added pressure on the IT team.

Good tool but a LOT of false positives

Rating: 7 out of 10
February 19, 2020
Verified User
Vetted Review
Verified User
Darktrace
2 years of experience
I worked with Darktrace in a couple of organizations (from 300 to 1000+ users). Darktrace is a beneficial product to keep track of lateral network traffic inside of the organization. It augments the firewall, which looks at the traffic moving in and out of the company's LAN. Darktrace utilizes SPAN ports on switches to get the traffic; that's the only configuration needed outside of the Darktrace appliance, making installation relatively easy. If an organization has multiple locations, either multiple Darktrace units will be required, or the network must be configured to forward SPAN traffic. Darktrace does provide beneficial insights into network activity inside the network, such as the use of obsolete protocols, DLP breaches, etc.
  • Ease of installation and configuration - Darktrace appliance is very close to plug and play (SPAN port configuration should be easy for any network admin). Darktrace provides comprehensive onboarding for customers as well, so you do not feel lost during the configuration of the device.
  • Identifying and tracking of the devices on the network - Hostname, OS, IP, MAC, previous activity - everything can be seen in the same interface. It is so much easier than tracking the device in question across the firewall, DHCP, and DNS logs.
If an organization has money to spend on Darktrace (licensing is based on the number of endpoints in the network) and has staff to sift through all the alerts the device creates, Darktrace does improve security significantly. You will see what is going on inside the network, in real-time, and in an easy-to-understand manner. The problem is that there are a lot of things going on inside of any corporate network. The AI of the Darktrace appliance has a hard time reducing the number of events to look at to a reasonable level. Whoever is thinking about buying Darktrace must be ready to spend a lot of man-hours working with the product, clearing false positives and tweaking rules.
  • Multiple security problems were identified through the use of Darktrace that would not have been identified otherwise.
  • Reduction of IT workload was not achieved - the product requires continuous manual intervention.
We looked into several competitors and are still looking, due to the problems Darktrace has with false positives. Darktrace is attractive as their support is generally good, and working with the product is relatively easy.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.

Darktrace offers an excellent AI engine that can answer that question "Do I have malicious traffic in my network?"

Rating: 7 out of 10
September 17, 2018
Verified User
Vetted Review
Verified User
Darktrace
1 year of experience
We use Darktrace in our main office. It helps us meet security assessment requirements of our clients that want to know how we know if there are bad actors in our environment.
  • It's very strong in recognizing unusual traffic. It learns what is normal and what is not normal.
  • It helps to show if our users are hitting malicious websites or not. That is a nice bonus to help with our security awareness and know if our training is doing its job.
  • Their weekly reports to us help highlight the most egregious traffic on our network. They are an extra set of eyes for us.
It's excellent at using its AI engine to learn your environment when it first gets set up. Then over time it knows what it has seen in the past and what it hasn't, so you can investigate what could be malicious traffic or not. It shouldn't be considered the end all, be all for networking monitoring, but just another tool to use.
  • One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
  • If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
  • You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
We have not evaluated others as they seem to be in their own class.