We performed a comparison between Darktrace and LogRhythm NDR based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"The solution can scale."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"A simple, powerful AI solution that just does all the work for you when you turn it on."
"The active threat dashboard is the most valuable feature of this solution."
"Technical support is helpful and responsive."
"I find it very good in the way that they show the past events, including the attack history."
"It's an excellent security tool with a user-friendly interface that's easy for anyone to use."
"It is a stable solution...It is a scalable solution."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"The interface is too mathematical and it should be simplified."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"Needs to improve its collaboration with local partners."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"The initial setup is more complex and time-consuming than some solutions."
"From an improvement perspective, I would like LogRhythm NDR to reduce the compute size. I would also like LogRhythm NDR to improve the pricing model."
"There are opportunities for improvement, particularly in upgrading the expertise of local professionals and addressing support issues, which could potentially lead to cost reduction."
Darktrace is ranked 1st in Network Detection and Response (NDR) with 65 reviews while LogRhythm NDR is ranked 11th in Network Detection and Response (NDR) with 2 reviews. Darktrace is rated 8.2, while LogRhythm NDR is rated 8.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of LogRhythm NDR writes "A scalable and stable tool that offers users a great GUI". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas LogRhythm NDR is most compared with Vectra AI and Lumu. See our Darktrace vs. LogRhythm NDR report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.