We performed a comparison between Darktrace and IRONSCALES based on real PeerSpot user reviews.
Find out in this report how the two Email Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Microsoft Defender for Office 365 is a stable solution."
"Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"There are several features that I consider valuable."
"Since we have started using the solution, there have been fewer compromises."
"The good part is that you don't have to configure it, which is very convenient."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"I am impressed with the product's ability to give insights into network traffic."
"The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
"Technical support is helpful and responsive."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"There is buzz around phishing awareness training. When I make a campaign, all of a sudden people in our organization are talking, thinking, and wondering about it. Therefore, it keeps people on their toes. That is perfect because it does exactly what we want it to do."
"I would say the most valuable feature is what they call Themis. It's like a virtual analyst that uses the decisions that system admins make to generate a score for whether an email is legitimate, spam, or phishing. It gets better based on the decisions that we make over time. The automation piece is great as well. The integrated approach of email security combined with employee awareness training is excellent."
"The biggest benefit is that we get fewer phishing and spam emails, so using IRONSCALES has made our environment much safer."
"For me, the mobile app is most valuable. All other features are also very useful, but the mobile app makes it really easy for me to manage on the go. I don't have to be at my desk. I could be at the shops, or it could be in the evening when I am out, and I can get a notification on my phone that there is an incident that has been raised. I can sort it out very quickly without having to be at my work PC."
"The stability is good."
"The report function through Gmail is probably the most valuable feature. The next most valuable features are simulation and training."
"AI-driven phishing detection and incident remediation are valuable. It saves time from having to do manual analysis and investigation, and we also get alerts for phishing emails."
"For what was being offered with IRONSCALES, I feel like we got an incredible deal."
"The pre-sales cost calculations could be more transparent."
"Microsoft Defender for Office 365 should be more proactive."
"We need to be able to whitelist data at the backend."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"Microsoft Defender for Office 365 must improve the overall management style, including the GUI. It also needs to change the filters so that it is easy to whitelist and blacklist data."
"There needs to be an improvement in integrating the product to work across multiple operating systems, and to have better support for non-Microsoft file types."
"The XDR dashboard has room for improvement."
"You should be able to deploy Defender for every subscription without the need to add servers."
"It's a very complex platform."
"There is a high ratio of false positive information."
"I think there is some MSSP missing."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"It is expensive, but everything else has been great so far."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"There's room for improvement in the campaign management. IRONSCALES has many built-in templates that I use, but you can also build templates from scratch. However, the interface for creating custom templates needs to be updated."
"The simulation and training piece could be improved by having more granularity in terms of scheduling how campaigns are run and allowing people to directly take the training rather than having to go through an official campaign. That's not available yet."
"The only thing that I could say is that some of the reporting features could be better."
"The integration with Google Suite needs to be better. it's something they can work on."
"Even though they have been continuously improving it, it is not 100% there. We have had a few incidents where legitimate emails were getting blocked, and we had to manually remove those emails from quarantine. It is 90% effective or accurate because, on rare occasions, some emails from customers were not getting delivered. In one or two instances, their emails got blocked by IRONSCALES, and we had to manually remove the emails from quarantine. I would like them to improve their algorithm to avoid flagging genuine emails as malicious. I would also like to be able to whitelist certain email addresses. I'd love to be able to whitelist a particular customer."
"I would like it if IRONSCALES had some sort of reminder mechanism, meaning IRONSCALES knows if a user completed the training or not. As long as it hasn't been completed, it keeps reminding every so often, alerts the manager, etc. Right now, it is all in the hands of the employee, and not all of them continue the process, which is a shame."
"There is a feature called Account Takeover, which isn't what I want it to be able to do. I know that they're working on that, but when they first started the Account Takeover feature in incident management, it didn't have much information. It didn't have any usability to it. I already had tools in place that were better."
"IRONSCALES should bundle more features together instead of separating them and charging additional licensing fees."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 13th in Email Security with 65 reviews while IRONSCALES is ranked 3rd in Secure Email Gateway (SEG) with 11 reviews. Darktrace is rated 8.2, while IRONSCALES is rated 9.2. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of IRONSCALES writes "It has an easy installation that can be done in a matter of minutes". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas IRONSCALES is most compared with Avanan, Sublime Security, Perception Point Advanced Email Security and Cisco Secure Email. See our Darktrace vs. IRONSCALES report.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.