Try our new research platform with insights from 80,000+ expert users

Aruba IntroSpect vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Aruba IntroSpect
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
3
Ranking in other categories
User Entity Behavior Analytics (UEBA) (25th), Network Traffic Analysis (NTA) (14th)
Vectra AI
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (5th), Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (16th), Identity Threat Detection and Response (ITDR) (9th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Aruba IntroSpect is designed for User Entity Behavior Analytics (UEBA) and holds a mindshare of 0.9%, up 0.9% compared to last year.
Vectra AI, on the other hand, focuses on Intrusion Detection and Prevention Software (IDPS), holds 8.0% mindshare, up 7.6% since last year.
User Entity Behavior Analytics (UEBA) Market Share Distribution
ProductMarket Share (%)
Aruba IntroSpect0.9%
Exabeam9.9%
IBM Security QRadar9.0%
Other80.2%
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Vectra AI8.0%
Fortinet FortiGate16.6%
Darktrace13.8%
Other61.599999999999994%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Marko Pirc - PeerSpot reviewer
Key features are roaming, application control and the firewall
We are partners of Aruba as well as sellers and customers. My job in the company is IP network engineer.  The roaming is a feature that works very well. In addition, the application control and firewall features are very good. These are all important features and make the product a valuable one.…
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the end-user monitoring. If there is any abnormal behavior on the machine, the administrator will be alerted."
"Roaming feature, application control and firewall features."
"I haven't heard of any issues with stability."
"Using this tool for automation has provided more benefits to our processes."
"The administrative privilege detection feature is the most valuable feature. The admin accounts are often highly accessible to the high-risk component of the environment. If those accounts are compromised or are being used in a suspicious manner, that's high-fidelity events for us to look into."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
 

Cons

"Technical support is a little slow."
"The packet analyzer needs improvement."
"I would like to see improvements made to the dashboard, where you can get the information with a simple click."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated."
"The solution's marketing is not good."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
 

Pricing and Cost Advice

"The license is based on the number of users. The evaluation license is free, you can download it from the website and try it out first."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"The pricing is very good. It's less expensive than many of the tools out there."
"The solution is low-cost and affordable."
"The pricing is high."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"The licensing is on an annual basis."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
869,771 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
28%
Manufacturing Company
9%
Media Company
9%
Comms Service Provider
5%
Financial Services Firm
11%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

What is your experience regarding pricing and costs for Aruba IntroSpect?
Aruba Introspect has two licenses - advanced and standard. While we found the price of the advanced license to be a bit high, the standard license is reasonably priced and costs less than half the ...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

IntroSpect
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Sage Hotel, Centara Hotels and Resorts, Asda, The Dolder Grand,
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Aruba IntroSpect vs. Vectra AI and other solutions. Updated: May 2024.
869,771 professionals have used our research since 2012.