We compared Vectra AI and ExtraHop Reveal(x) based on our user's reviews in 4 parameters. After reading all of the collected data, you can find our conclusion below.
Vectra AI excels in customer service, advanced threat detection, and competitive pricing. User feedback on ExtraHop Reveal(x) highlights robust network visibility, intuitive user interface, and highly regarded customer support. Vectra AI users appreciate the affordability and flexibility of the pricing, while ExtraHop Reveal(x) users value the comprehensive analytics capabilities.
Features: Vectra AI stands out for its advanced threat detection capabilities, machine learning algorithms, and automated response features. ExtraHop Reveal(x) is praised for its robust network visibility, comprehensive analytics, and intuitive user interface.
Pricing and ROI: Vectra AI offers competitive pricing with reasonable setup costs and flexible licensing options. ExtraHop Reveal(x) is also well-received for its cost-effectiveness, low setup cost, and straightforward licensing process. Users have had positive experiences with both products in terms of pricing, setup cost, and licensing. Vectra AI delivered ROI that exceeded expectations with significant security and efficiency improvements. ExtraHop Reveal(x) was praised for enhancing network visibility and security with user-friendly interface and robust functionalities.
Room for Improvement: Vectra AI has room for improvement in its complex and unintuitive user interface, lack of customization options, occasional glitches, and high pricing. ExtraHop Reveal(x) could enhance its user interface, accuracy, documentation, and customer support for a better user experience.
Deployment and Customer Support: Vectra AI may be a bit complex and require additional customization for on-prem installations. ExtraHop Reveal(x) is considered simple and offers a user-friendly initial setup. Vectra AI stands out for its exceptional customer support, with knowledgeable staff providing quick solutions. ExtraHop Reveal(x) also has good support, however, it suffers from occasional quality issues.
The summary above is based on 31 interviews we conducted recently with Vectra AI and ExtraHop Reveal(x) users. To access the review's full transcripts, download our report.
"The most valuable features of ExtraHop Reveal(x) are the detection and alerting of network behavior and anomalies."
"We had useful information within the hour of deployment. The ability to trace back for historical analysis, as well as the behavioral analysis done with the security information, puts the user in a position to make an informed decision to mitigate the performance or security incidents. Regarding the security incidents, Reveal (x) is able to create incident cards that guide your teams through the incidents and gives you the option to delve into the transaction detail to potentially view payloads as well."
"Reveal X integrates seamlessly with CrowdStrike. If you see something sketchy on the network, you can quarantine devices through ExtraHop and it'll push to the CrowdStrike server."
"The security features of this solution are the most valuable."
"Setting up the solution is relatively easy."
"ExtraHop Reveal(x) is one of the tools that works out of the box when it comes to threat hunting."
"It's a wire analytics tool. We use it for isolating and determining issues on our network or applications. It does a lot for crediting the network as opposed to discrediting the network. A lot of people come along and say that it's a network issue. It's always considered to be a network issue, but by using ExtraHop, we can quickly tell them that it's not a networking issue. It's something to do with your application or something at the other end. It could be a database issue. This tool gives us the ability to pinpoint with great accuracy the comings and goings on our network."
"The solution's initial setup process is easy."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"Vectra AI is the best. It is a major product in our cybersecurity."
"Vectra AI generates relevant information."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"Vectra AI can bring the ability to detect intrusion on the network more so than legacy IDS tools."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data."
"ExtraHop Reveal(x) could improve by allowing a longer look back in the feature. Right now you have a limit of 30 days to look back on your activity. I've used Darktrace before, and they allow you the ability to play back events. This would be a good feature to have in ExtraHop Reveal(x)."
"The solution is expensive and gets more expensive if a company needs to scale it."
"It needs integration with more security vendors."
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that"
"The solution's reporting part and GUI are areas with certain shortcomings where improvements are required."
"I would like to see more cloud capability."
"The false positives and the tuning side of it is something that could use improvement. But that could be from our side."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 12 reviews while Vectra AI is ranked 2nd in Network Traffic Analysis (NTA) with 40 reviews. ExtraHop Reveal(x) is rated 8.6, while Vectra AI is rated 8.6. The top reviewer of ExtraHop Reveal(x) writes "It helps you visualize how data moves across your network". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". ExtraHop Reveal(x) is most compared with Darktrace, Corelight, Cisco Secure Network Analytics, Arista NDR and ExtraHop Reveal(x) 360, whereas Vectra AI is most compared with Darktrace, Cisco Secure Network Analytics, Arista NDR, Corelight and Trend Micro Deep Discovery. See our ExtraHop Reveal(x) vs. Vectra AI report.
See our list of best Network Traffic Analysis (NTA) vendors and best Network Detection and Response (NDR) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.