We performed a comparison between Corelight and Darktrace based on real PeerSpot user reviews.
Find out in this report how the two Network Traffic Analysis (NTA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It's an easy way for us to get visibility in a client's environment."
"It is easy to deploy and easy to handle."
"Corelight is easy to use."
"It's easy to create additional dashboards specific to supporting specific tasks."
"The most valuable feature is the embedded IDS from Suricata."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"It is a stable solution."
"The platform has many modules, and each module examines a different situation in the behavior."
"The most valuable feature is the alerts. The alerts are meaningful. The event rolls up into meaningful and actionable alerts rather than just being noise."
"The solution is outstanding from a monitoring perspective."
"They can enhance the interface of the product. They can make it more interactive and also easier to use for feature access."
"In the next release, building a graphical user interface would be helpful."
"Corelight hasn’t added features in a long time."
"Machine learning could be a good improvement, but it's very costly."
"The solution’s architecture is complex and difficult to understand. There are multiple machines and VMs."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"A reporting portal could be a great addition to help customize reports."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"The cost is a bit on the higher side."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
Corelight is ranked 7th in Network Traffic Analysis (NTA) with 5 reviews while Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 65 reviews. Corelight is rated 9.0, while Darktrace is rated 8.2. The top reviewer of Corelight writes "An open-source solution that gave us insight into our clients' network traffic flow ". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Corelight is most compared with ExtraHop Reveal(x), Vectra AI, Cisco Secure Network Analytics, Arista NDR and SolarWinds NetFlow Traffic Analyzer, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cybereason Endpoint Detection & Response. See our Corelight vs. Darktrace report.
See our list of best Network Traffic Analysis (NTA) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.