IT Central Station is now PeerSpot: Here's why

Arista NDR vs Darktrace comparison

Cancel
You must select at least 2 products to compare!
Vectra AI Logo
14,467 views|6,983 comparisons
Arista Logo
3,795 views|1,423 comparisons
Darktrace Logo
47,229 views|30,837 comparisons
Featured Review
Buyer's Guide
Arista NDR vs. Darktrace
May 2022
Find out what your peers are saying about Arista NDR vs. Darktrace and other solutions. Updated: May 2022.
610,190 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.""The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff.""It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response.""The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away.""It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload.""It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra.""The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those.""Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."

More Vectra AI Pros →

"The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that.""It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now.""The security knowledge graph has been very helpful in the sense that whenever you try a new security solution, especially one that's in the detection and response market, you're always worried about getting a lot of false positives or getting too many alerts and not being able to pick out the good from the bad or things that are actual security incidents versus normal day to day operations. We've been pleasantly surprised that Awake does a really good job of only alerting about things that we actually want to look into and understand. They do a good job of understanding normal operations out-of-the-box.""We appreciate the value of the AML (structured query language). We receive security intel feeds for a specific type of malware or ransomware. AML queries looking for the activity is applied in almost real-time. Ultimately, this determines if the activity was not observed on the network.""The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'""The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use.""When I create a workbench query in Awake to do threat hunting, it's much easier to query. You get a dictionary popup immediately when you try to type a new query. It says, "You want to search for a device?" Then you type in "D-E," and it gives you a list of commands, like device, data set behavior, etc. That gives you the ability to build your own query."

More Arista NDR Pros →

"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network.""It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk.""Darktrace is very useful for us because it has a large number of models for detecting threats.""In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful.""The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network.""AI analytics are built directly into the product.""It is a very simple product to use.""The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."

More Darktrace Pros →

Cons
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats.""Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass.""Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM.""The false positives and the tuning side of it is something that could use improvement. But that could be from our side.""In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment.""I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing.""The main improvement I can see would be to integrate with more external solutions.""I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."

More Vectra AI Cons →

"Awake Security needs to move to a 24/7 support model in the MNDR space. Once they do that, it will make them even better.""They've been focused on really developing their data science, their ability to detect, but over time, they need to be able to tie into other systems because other systems might detect something that they don't.""One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out.""While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal.""The one thing that the Awake platform lacks is the ability to automate the ingestion of IOCs rather than having to import CSV files or JSON files manually.""One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far.""When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way."

More Arista NDR Cons →

"The interface and dashboards could be improved for ease-of-use.""They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity.""In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions.""It would be good if they can include some endpoint protection for remote workers. Nowadays, most people are working remotely. Therefore, they should include some type of sensors that can be installed on the endpoint in order to directly report the main usage and protect remotely. Phone protection will also be a great feature to add to Darktrace.""This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious.""The user interface and the configuration are a bit complex and should be improved or simplified.""I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there.""In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."

More Darktrace Cons →

Pricing and Cost Advice
  • "The pricing is very good. It's less expensive than many of the tools out there."
  • "The pricing is high."
  • "Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
  • "From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
  • "Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
  • "Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
  • More Vectra AI Pricing and Cost Advice →

  • "Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model."
  • "We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher."
  • "The solution is very good and the pricing is also better than others..."
  • "The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at."
  • "Awake's pricing was very competitive. It's not a cheap option though. It's an investment to utilize it, but it's one that we decided was worth the cost, with the managed services. At our scale, it was a much better option to utilize their software and their managed services to handle this, rather than hiring another person to be an analyst. It was quite cost-effective for us."
  • "Because I represent a hedge fund, I have some leverage. I told them that they had to meet my conditions if they wanted me as a client. It was the same way with Awake. They wanted an initial four-year agreement. Initially, we signed on for a one-year contract, but they wanted the four-year deal when it came time for the renewal. I told them that I was not doing that. I said that they either had to do it on my terms, or I'd go somewhere else."
  • More Arista NDR Pricing and Cost Advice →

  • "The pricing is a little high compared to the competition."
  • "Our customers feel that the price of Darktrace is quite high compared to other solutions."
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "When it comes to large installations, it can be expensive, but for small accounts it's fine."
  • "It is a very expensive product."
  • "It is expensive. I don't have the price for other competitors."
  • "This solution is expensive."
  • "The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
  • More Darktrace Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
    610,190 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a… more »
    Top Answer:Cost is a big factor, as always. However, I think we have a very good price–performance ratio.
    Top Answer:If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex… more »
    Top Answer:When I create a workbench query in Awake to do threat hunting, it's much easier to query. You get a dictionary popup… more »
    Top Answer:I got a deal when I bought Awake. It's if you go to buy a car and end up ripping off the dealer. I don't think many… more »
    Top Answer:We take in IOCs from my SOC and from AlienVault, and then we focus on traffic that hits IOCs and alerts us to it. The… more »
    Top Answer:Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing… more »
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Top Answer:We are able to detect a lot of things, actually, and see what is happening in our network.
    Comparisons
    Also Known As
    Vectra Networks, Vectra AI NDR
    Awake Security Platform
    Learn More
    Overview

    Vectra threat detection and response is a complete cybersecurity platform that collects, detects, and prioritizes security alerts. The Cognito platform for Network Detection and Response (NDR) detects and responds to attacks inside cloud, data center, Internet of Things, and enterprise networks. The platform also provides automated response capabilities for low-level threats and escalates more severe anomalies to security personnel.

    Cognito captures data for multiple relevant sources and enriches it with context and security insights. It starts by deploying sensors across different networks in datacenters, IoT, or enterprise networks. The algorithm extracts relevant metadata from network and cloud traffic. The information can also be non-security information that can help investigation. 

    The data is enriched with security context to support critical use cases, such as threat detection, investigation, hunting and compliance. The platform is machine learning-based, which enables it to adapt to any new and current threat scenario. It detects, clusters, prioritizes, and anticipates attacks by using identity and host-level enforcement. 

    With the Vectra platform, a person can investigate 50 threats in just two hours. By prioritizing alerts and leveraging threat intelligence, it provides faster results.Vectra solves today’s security challenges for network detection and response. 

    One of Vectra’s best features is the emphasis they put in pairing research and data science for security insights. It offers behavior codification with unsupervised, supervised, and deep learning models. 

    The pricing is according to a subscription model with a free trial available.Vectra is available for Office 365, Azure AD and AWS Brain.

    Features of Vectra AI

    • AI-based threat detection and response. 
    • Detects attacks in real time with behavior-based threat detection. 
    • Consolidates and correlates thousands of events, detecting threats. 
    • Enriches threat investigation with a chain of evidence and data science security insights. 
    • Machine learning techniques, including deep learning and neural networks. 
    • Gives visibility into cyberattackers and analyzes all network traffic. 
    • Continuous updates with new threat detection algorithms. 
    • Provides encryption at rest and in transit. For the AWS version, it offers AES-256 encryption via AWS Key Management Service. 
    • Guaranteed availability according to the SLA of the service selected. 
    • Does not connect to public sector networks. 

    Benefits of Vectra AI

    • Behavioral models use AI to find unknown attackers. 
    • Context increases the accuracy of threat hunting. 
    • Allows for proactive action by prioritizing the most relevant information. 
    • Provides a clear picture and extensive context for investigations. 
    • Aids decision-making in the incident response process. 
    • Helps working with large datasets by capturing metadata at scale. 
    • Automates time-consuming analysis. 
    • Reduces the security analysts’ workloads on threat investigations. 

    Other advantages of Vectra services include that they can be deployed in the public, private, or hybrid cloud. Support is available via email or online ticketing with an average of 4 hours of response. Phone support is available 24/7. 

    Vectra provides full on-site and online training and documentation. Regarding the user interface, it supports several types of web browsers, such as Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari and Opera. However, it is not available for mobile devices.

    Reviews from Real Users

    Here’s what PeerSpot users of Vectra AI have to say about it:

    "One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us." - Dave W., Operations Manager at a healthcare company

    "It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low.” - T.S., Senior Security Engineer at a manufacturing company

    Arista NDR (formerly Awake Security) is the only advanced network detection and response company that delivers answers, not alerts. By combining artificial intelligence with human expertise, Arista NDR hunts for both insider and external attacker behaviors, while providing autonomous triage and response with full forensics across traditional, IoT, and cloud networks. Arista NDR delivers continuous diagnostics for the entire enterprise threat landscape, processes countless network data points, senses abnormalities or threats, and reacts if necessary—all in a matter of seconds. The Arista NDP platform stands out from traditional security because it is designed to mimic the human brain. It recognizes malicious intent and learns over time, giving defenders greater visibility and insight into what threats exist and how to respond to them. 

    The Advent of Advanced Network Detection and Response & Why it Matters

    The 5 Levels of Autonomous Security paper

    Darktrace is a world leader in Autonomous Cyber AI and offers several different desirable tools available to provide a wide array of outstanding support and superior threat security. Darktrace works with many different popular solutions, such as Microsoft 365, Azure, AWS, and many more.

    Darktrace offers many different products to keep every type of business enterprise safe.

    Darktrace’s Enterprise Immune System is uniquely designed to learn the status quo of your operating system and is thereby quickly able to discover any anomalies, abusive behavior, and potential cyber threats and stop them immediately before there is any threat to your organization. With Darktrace’s Enterprise Immune System, you have complete transparency across your entire operational system. Darktrace utilizes intuitive self-learning to discover potential new known attacks externally and also locate any internal threats. Darktrace is intuitively self-adapting and will quickly learn the best way to keep your critical systems safe at all times, even as your business changes and grows.

    Darktrace offers an Industrial Immune System, which is specifically designed to understand the unique technologies of industrial systems and aggressively protect the integrity and durability of those ecosystems. You will get full transparency of OT, IT, and industrial IoT.

    Darktrace Antigena combines the best of the Autonomous Response technology to keep your enterprise ecosystems safe at all times. Darktrace Antigena has the decision-making ability to easily identify suspicious behavior and can stop in-progress threats such as cyber-attacks, ransomware, and threats to your cloud or proprietary infrastructure. Darktrace Antigena will provide protection to keep your systems safe and avoid any downtime or negative impact on your organization's productivity.

    Darktrace Cyber AI Analyst works as an investigative solution that instantly rates, interprets, and reports on the entire range of potential security threats. Darktrace Cyber AI Analyst uses an intuitive analysis process to investigate 100% of all potential threats. Each and every threat is rated and a response plan is created to direct your teams on the best possible course of action needed to immediately resolve the issue. Darktrace AI Analyst also handles Zero-day malware and ransomware. The automated threat investigation can work faster to develop a plan, follow issues, and investigate than any human component. Darktrace AI will save time and money by adding an additional supplemental layer of security to your organization.

    Darktrace provides outstanding enterprise-wide cyber defense to more than 5,500 organizations worldwide that rely on Darktrace daily to keep their business ecosystems running at maximum efficiency and productivity without any unplanned downtime within the overall business operation. Darktrace has a super-fast, machine-speed defense supported by the unique Autonomous Response that can take some of the pressure off of your security team and at the same time mount an aggressive fightback continuing to develop a safer defense every day.

    Reviews from Real Users

    Imad A., Group IT Manager at a manufacturing company, says, “"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."

    A Security Engineer at a real estate/law firm states, "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."







    Offer
    Learn more about Vectra AI
    Identify hidden network threats


    Your network may have security risks that you don't know about. Schedule a live demo to see how you can use Awake Security to identify and mitigate these threats.

    Learn more about Darktrace
    Sample Customers
    Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
    - Dolby Laboratories- Seattle Genetics- ARM Energy- Ooma- Prophix- Yapstone
    Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol
    Top Industries
    REVIEWERS
    Financial Services Firm19%
    Retailer19%
    Manufacturing Company13%
    Mining And Metals Company13%
    VISITORS READING REVIEWS
    Computer Software Company24%
    Comms Service Provider23%
    Government7%
    Financial Services Firm6%
    REVIEWERS
    Insurance Company18%
    Financial Services Firm9%
    Legal Firm9%
    Engineering Company9%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Comms Service Provider22%
    Financial Services Firm5%
    Manufacturing Company4%
    REVIEWERS
    Financial Services Firm20%
    Computer Software Company16%
    Government8%
    Venture Capital & Private Equity Firm4%
    VISITORS READING REVIEWS
    Comms Service Provider23%
    Computer Software Company20%
    Government7%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business18%
    Midsize Enterprise6%
    Large Enterprise76%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    REVIEWERS
    Small Business18%
    Midsize Enterprise18%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise20%
    Large Enterprise62%
    REVIEWERS
    Small Business47%
    Midsize Enterprise18%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise22%
    Large Enterprise53%
    Buyer's Guide
    Arista NDR vs. Darktrace
    May 2022
    Find out what your peers are saying about Arista NDR vs. Darktrace and other solutions. Updated: May 2022.
    610,190 professionals have used our research since 2012.

    Arista NDR is ranked 5th in Network Traffic Analysis (NTA) with 7 reviews while Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 26 reviews. Arista NDR is rated 8.8, while Darktrace is rated 8.4. The top reviewer of Arista NDR writes "it's much easier to create your own queries and hunt for threats". On the other hand, the top reviewer of Darktrace writes "A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support". Arista NDR is most compared with Cisco Stealthwatch, Corelight, ExtraHop Reveal(x), Splunk User Behavior Analytics and Palo Alto Networks Threat Prevention, whereas Darktrace is most compared with CrowdStrike Falcon, Cisco Stealthwatch, SentinelOne, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Arista NDR vs. Darktrace report.

    See our list of best Network Traffic Analysis (NTA) vendors and best Network Detection and Response (NDR) vendors.

    We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.