We compared ExtraHop Reveal(x) and Darktrace based on our users' reviews across five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparisons between ExtraHop Reveal(x) and Darktrace, ExtraHop Reveal(x) has a more complex setup process requiring coordination and involving multiple teams, while Darktrace's setup is generally considered simple and straightforward. ExtraHop Reveal(x) is praised for its advanced features and user-friendly interface, while Darktrace's biggest strength lies in its ability to autonomously detect and monitor threats. ExtraHop Reveal(x) could improve in terms of agent management, integration partners, and pricing, while Darktrace could benefit from reducing false positives and enhancing usability. Darktrace is often seen as expensive, whereas pricing reviews for ExtraHop Reveal(x) vary. ExtraHop Reveal(x) has had a significant positive impact on operations and offers strong customer support, while Darktrace excels in monitoring, protection, and providing insights into network activity, with customers expressing satisfaction with its customer service.
"The product offers us a very good user interface and we've found the network visibility to be very good so far."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"I find it very good in the way that they show the past events, including the attack history."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"I am impressed with the product's ability to give insights into network traffic."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"When there are performance issues with an HTTP app, ExtraHop enables us to identify the causes within a few minutes. We can see what transactions are being impacted by something that may be happening within the server environment."
"The security features of this solution are the most valuable."
"We had useful information within the hour of deployment. The ability to trace back for historical analysis, as well as the behavioral analysis done with the security information, puts the user in a position to make an informed decision to mitigate the performance or security incidents. Regarding the security incidents, Reveal(x) is able to create incident cards that guide your teams through the incidents and give you the option to delve into the transaction detail to potentially view payloads as well."
"The most valuable features of ExtraHop Reveal(x) are the detection and alerting of network behavior and anomalies."
"The solution's initial setup process is easy."
"Reveal X integrates seamlessly with CrowdStrike. If you see something sketchy on the network, you can quarantine devices through ExtraHop and it'll push to the CrowdStrike server."
"Setting up the solution is relatively easy."
"ExtraHop Reveal(x) is one of the tools that works out of the box when it comes to threat hunting."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"I think there is some MSSP missing."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that I want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today," it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"A reporting portal could be a great addition to help customize reports."
"The pricing is a bit high for the region."
"The solution should include more support protocols."
"Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal(x) is live packet data."
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"ExtraHop Reveal(x) could improve by allowing a longer look back in the feature. Right now you have a limit of 30 days to look back on your activity. I've used Darktrace before, and they allow you the ability to play back events. This would be a good feature to have in ExtraHop Reveal(x)."
"I think the tuning capabilities could be improved. We're working on minimizing false positives. Apart from that, everything seems fine to me."
"The solution is expensive and gets more expensive if a company needs to scale it."
"The solution’s pricing could be improved."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that."
Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 65 reviews while ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 12 reviews. Darktrace is rated 8.2, while ExtraHop Reveal(x) is rated 8.6. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of ExtraHop Reveal(x) writes "It helps you visualize how data moves across your network". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Rapid7 InsightIDR, whereas ExtraHop Reveal(x) is most compared with Vectra AI, Corelight, Cisco Secure Network Analytics, Arista NDR and ExtraHop Reveal(x) 360.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.