We compared ExtraHop Reveal(x) and Darktrace based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparisons between ExtraHop Reveal(x) and Darktrace, ExtraHop Reveal(x) has a more complex setup process requiring coordination and involving multiple teams, while Darktrace's setup is generally considered simple and straightforward. ExtraHop Reveal(x) is praised for its advanced features and user-friendly interface, while Darktrace's biggest strength lies in its ability to autonomously detect and monitor threats. ExtraHop Reveal(x) could improve in terms of agent management, integration partners, and pricing, while Darktrace could benefit from reducing false positives and enhancing usability. Darktrace is often seen as expensive, whereas pricing reviews for ExtraHop Reveal(x) vary. ExtraHop Reveal(x) has had a significant positive impact on operations and offers strong customer support, while Darktrace excels in monitoring, protection, and providing insights into network activity, with customers expressing satisfaction with its customer service.
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"We have found the product to be stable and issue-free."
"What I like about Darktrace, is that you can quickly identify threats."
"The product can scale."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"It's a wire analytics tool. We use it for isolating and determining issues on our network or applications. It does a lot for crediting the network as opposed to discrediting the network. A lot of people come along and say that it's a network issue. It's always considered to be a network issue, but by using ExtraHop, we can quickly tell them that it's not a networking issue. It's something to do with your application or something at the other end. It could be a database issue. This tool gives us the ability to pinpoint with great accuracy the comings and goings on our network."
"We had useful information within the hour of deployment. The ability to trace back for historical analysis, as well as the behavioral analysis done with the security information, puts the user in a position to make an informed decision to mitigate the performance or security incidents. Regarding the security incidents, Reveal (x) is able to create incident cards that guide your teams through the incidents and gives you the option to delve into the transaction detail to potentially view payloads as well."
"ExtraHop Reveal(x) is one of the tools that works out of the box when it comes to threat hunting."
"The solution's ability to decrypt SSL traffic is its most valuable feature."
"With ExtraHop Reveal(x), it gives me more visibility into the packets. It doesn't provide the entire packet capture, but it offers more information on how connections are made at the network layer. This can be helpful for detecting network attacks. Additionally, I really like the customizable dashboards and reports. The incident dashboard and alerts provide a good summary initially, and diving deeper into them gives more detailed information. It's also great for analyzing specific attacks and victim logs. The feature that tracks the full attack chain makes it easier to monitor the progress of attacks. Plus, it's connected to the Netria.com app, which I find useful for certain tasks."
"The most valuable features of ExtraHop Reveal(x) are the detection and alerting of network behavior and anomalies."
"The security features of this solution are the most valuable."
"The solution works well for sending sensors."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"The pricing is a bit high for the region."
"I believe their network monitoring device licensing module could use some improvement."
"The program is quite expensive."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"The solution is expensive and gets more expensive if a company needs to scale it."
"The solution's reporting part and GUI are areas with certain shortcomings where improvements are required."
"Agent management could certainly use some focus. It should also be a little bit easier to work with collections. We should be able to nest collections within collections. There should be better nesting."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that"
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"ExtraHop Reveal(x) could improve by allowing a longer look back in the feature. Right now you have a limit of 30 days to look back on your activity. I've used Darktrace before, and they allow you the ability to play back events. This would be a good feature to have in ExtraHop Reveal(x)."
"The solution’s pricing could be improved."
"It needs integration with more security vendors."
Darktrace is ranked 1st in Network Traffic Analysis (NTA) with 32 reviews while ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 10 reviews. Darktrace is rated 8.2, while ExtraHop Reveal(x) is rated 8.6. The top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". On the other hand, the top reviewer of ExtraHop Reveal(x) writes "Does full decryption at 100 Gbps, reduces our MTTR, and has great analytics". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Rapid7 InsightIDR, whereas ExtraHop Reveal(x) is most compared with Vectra AI, Corelight, Cisco Secure Network Analytics, Arista NDR and Trend Micro Deep Discovery. See our Darktrace vs. ExtraHop Reveal(x) report.
See our list of best Network Traffic Analysis (NTA) vendors and best Network Detection and Response (NDR) vendors.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.