We performed a comparison between Cisco Stealthwatch and Darktrace based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The two solutions are very comparable. However, their features slightly differ, and each has its own strengths and weaknesses.
"The most valuable features provided by this solution are visibility and information."
"We find that Stealthwatch can detect the unseen."
"The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"Using the Cognitive Analytics feature, we have complete visibility that we didn’t have before."
"The solution has increased our threat detection rate. Cisco Stealthwatch has not reduced our incident response times. It has not reduced the amount of time it takes us to detect immediate threats. It has reduced false positives."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"The most valuable feature is integration."
"Stability is the most valuable feature we have seen in this solution."
"Provides great network protection."
"The AI-based pattern is the most valuable feature."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"The NDR is good in their solution and they have NTG for email."
"We have found the product to be stable and issue-free."
"It is a stable solution without downtime."
"It is very stable and easy to use."
"The solution is outstanding from a monitoring perspective."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"Some of our customers find this solution to be a little bit tough because they don't understand how to configure and use it."
"Many of these tools require extensive on-premises hardware to run."
"Stealthwatch needs improvement when it comes to speed."
"The visualization could be improved, the GUI is not the best."
"Cisco Stealthwatch can improve by having bundled packages for popular add-ons. It would be a lot easier for people implementing it, have let's say a better way to use the product."
"It would be better to let people know, up front, that is doesn't give you nice, clear information, as seen in the demos, without Cisco ISE installed."
"We would like the solution to make more advances in the way that Extreme Networks has been doing."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"The initial setup is more complex and time-consuming than some solutions."
"The pricing model is a little too high and could be more flexible."
"I would like to see some additional enhancements."
"Darktrace could improve by being more user-friendly."
"Getting logs from different sources can be a challenge."
"The interface and dashboards could be improved for ease-of-use."
More Cisco Secure Network Analytics Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 4th in Network Traffic Analysis (NTA) with 7 reviews while Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 32 reviews. Cisco Secure Network Analytics is rated 8.2, while Darktrace is rated 8.2. The top reviewer of Cisco Secure Network Analytics writes "Improved our organization greatly but greater customizability would be beneficial". On the other hand, the top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". Cisco Secure Network Analytics is most compared with Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI, Arista NDR and Gigamon Deep Observability Pipeline, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Cisco Secure Network Analytics vs. Darktrace report.
See our list of best Network Traffic Analysis (NTA) vendors and best Network Detection and Response (NDR) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
CylancePROTECT is AI-powered endpoint protection that will scan your endpoint devices with AI and Machine Learning security. It does not work with traditional signature-based protection and will cover your endpoints against the latest malware and event Potential Unwanted Programs. We are also a Darktrace partner and if interested we can demo both Cyber Security solutions to your company. If you are interested in more information about CylancePROTECT and Darktrace and would like to run a free POC, please contact me at cj@groveis.com.
Raffael Marty, Vice President, Forcepoint Research and Intelligence, said: "There is no artificial intelligence in the field of information security, and it is unlikely to be developed in 2019." Most of unsupervised machine learning-based network anomaly detection solution does not provide why the anomaly has been aroused and whether the anomaly is malicious or not. Most of such solution's pricing model is based on number of endpoints but I prefer to have flat fee subscription-based.
The most important thing to get traction is your business approach and some kind of openness for 3rd parties. NOBODY needs "fancy Dashboards"!
Most of the known vendors like Darktrace is extremely "sales offensive" and they don't have a clear sales strategy (direct or channel). A free POV (30days) is a common approach to attract new customers, but the outcome is not really important. It says nothing about the PAINS on the customer site.
Know your competitors!!!! There are many AI CyberSec Startups and Technologies - 99% are using "Machine Learning" what needs more time to the realtime reaction in critical phases. Preferred is Deep Learning like DeepInstinct offers.
Pricing Model per IP´s is pretty usual - but you need flexibility.
Thank you I’m not really interested in being sold to. I’m asking about what works, what doesn’t and pricing models. I don’t want any demos.
Thank you for your comments...what if the malware does not present as anomalous?
We are an Endpoint focused firm represented a Pyramid of EP based protection services (email & web filter, coupled with EP protection, cyber insurance and dark web monitoring). Our key AI product offering is Cylance, world class in it's ability to protect you where over 95% of all hacks occur, the End Point. Cylance is typically sold as a manged service due to some of the complexities of tailoring the product to fit your business needs. Typically the service is price per EP, per month.
Thank you, I am familiar with Darktrace and really like the product. I'd like to know your thoughts on additional features and pricing preferences.
In my opinion, the best response always comes from the source. I have many contacts at Darktrace that can precisely answer these and other questions. Please let me know if you would like me to arrange for a scheduled call.