We compared Abnormal Security and Darktrace based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparison between Abnormal Security and Darktrace, Abnormal Security offers easy setup and seamless integration with Office 365, whereas Darktrace's setup can be difficult and time-consuming. Abnormal Security specializes in catching spear phishing attacks and has AI-based spam filtering, while Darktrace focuses on detecting threats and vulnerabilities using AI-driven capabilities. Abnormal Security could improve by addressing email slip-through and finding more partnerships, whereas Darktrace could enhance its false positive reduction and simplify configuration. Pricing-wise, Abnormal Security has fair prices and excellent customer support, while Darktrace's pricing and licensing model could be more flexible and support could be improved in certain areas.
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"Since we have started using the solution, there have been fewer compromises."
"The most valuable feature is protection against malicious links, fishing, and impersonation. You can train people to be aware of these threats, but they're not always careful. When they're using their phones between meetings, they click on a link, and it's game over."
"It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself."
"Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats."
"The initial setup was easy."
"The good part is that you don't have to configure it, which is very convenient."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"I have never encountered any stability issues with Abnormal."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"It is a very simple product to use."
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"Darktrace is extremely stable."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
"The UI needs to be more user-friendly."
"Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization."
"Microsoft Defender for Office 365 could improve by giving customers information on techniques to prevent threats. For example, information about best practices on how to protect their own devices against hackers and scammers, such as educational information or training. This would help others have a better understanding of cyber security. Additionally, there can be more security features added."
"We need a separate license and we don't know how to get the license that is required."
"One area for improvement is integration. For example, when it comes to external SaaS platforms, we were not able to get a lot of information on integrations with such apps for security and authentication."
"They have moved features from one console to another. Things have been moved around in the interface and it takes me time to find where certain features are."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"One feature I'd love to see is outbound scanning."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"I would like to have the ability to customize the auto-remediation feature."
"The biggest pain point for us is the lack of support for on-premise email systems."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"The pricing for academic institutions and student mailboxes is challenging."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"Upper management wasn't sold on the value proposition."
"It's a very complex platform."
"The module can improve so that every time it's more intelligent."
"The solution could be easier to use."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"Needs to improve its collaboration with local partners."
"The pricing model is a little too high and could be more flexible."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Abnormal Security is ranked 12th in Email Security with 8 reviews while Darktrace is ranked 11th in Email Security with 65 reviews. Abnormal Security is rated 9.6, while Darktrace is rated 8.2. The top reviewer of Abnormal Security writes "Provides comprehensive email security management, effective in detecting a wide range of email threats". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Abnormal Security is most compared with Mimecast Email Security, Egress Intelligent Email Security, Cloudflare Area 1 Email Security, Avanan and Barracuda Email Protection, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics. See our Abnormal Security vs. Darktrace report.
See our list of best Email Security vendors.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.