Try our new research platform with insights from 80,000+ expert users

Aruba IntroSpect vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Aruba IntroSpect
Average Rating
8.6
Reviews Sentiment
7.5
Number of Reviews
3
Ranking in other categories
User Entity Behavior Analytics (UEBA) (25th), Network Traffic Analysis (NTA) (14th)
Vectra AI
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (5th), Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (16th), Identity Threat Detection and Response (ITDR) (9th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Aruba IntroSpect is designed for User Entity Behavior Analytics (UEBA) and holds a mindshare of 0.9%, up 0.9% compared to last year.
Vectra AI, on the other hand, focuses on Intrusion Detection and Prevention Software (IDPS), holds 8.0% mindshare, up 7.6% since last year.
User Entity Behavior Analytics (UEBA) Market Share Distribution
ProductMarket Share (%)
Aruba IntroSpect0.9%
Exabeam9.9%
IBM Security QRadar9.0%
Other80.2%
User Entity Behavior Analytics (UEBA)
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Vectra AI8.0%
Fortinet FortiGate16.6%
Darktrace13.8%
Other61.599999999999994%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Marko Pirc - PeerSpot reviewer
Key features are roaming, application control and the firewall
We are partners of Aruba as well as sellers and customers. My job in the company is IP network engineer.  The roaming is a feature that works very well. In addition, the application control and firewall features are very good. These are all important features and make the product a valuable one.…
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the end-user monitoring. If there is any abnormal behavior on the machine, the administrator will be alerted."
"I haven't heard of any issues with stability."
"Roaming feature, application control and firewall features."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them."
 

Cons

"Technical support is a little slow."
"The packet analyzer needs improvement."
"I would like to see improvements made to the dashboard, where you can get the information with a simple click."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"Other alternatives, like Darktrace, have a fancier UI."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"The advantages of the integration are not entirely out-of-the-box. You have to do it manually."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
 

Pricing and Cost Advice

"The license is based on the number of users. The evaluation license is free, you can download it from the website and try it out first."
"My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
"The licensing is on an annual basis."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"Vectra AI's pricing is cheaper than that of Darktrace."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"Vectra AI is not a cheap solution."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
report
Use our free recommendation engine to learn which User Entity Behavior Analytics (UEBA) solutions are best for your needs.
869,785 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
28%
Manufacturing Company
9%
Media Company
9%
Comms Service Provider
5%
Financial Services Firm
11%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

What is your experience regarding pricing and costs for Aruba IntroSpect?
Aruba Introspect has two licenses - advanced and standard. While we found the price of the advanced license to be a bit high, the standard license is reasonably priced and costs less than half the ...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

IntroSpect
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Sage Hotel, Centara Hotels and Resorts, Asda, The Dolder Grand,
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Aruba IntroSpect vs. Vectra AI and other solutions. Updated: May 2024.
869,785 professionals have used our research since 2012.