We performed a comparison between Darktrace and Pico Corvil Analytics based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Threat Explorer is one of the features that I very much like because it is a real-time report that allows you to identify, analyze, and trace security attacks."
"The initial setup is straightforward. You just add the license, click it, and then you can set up the rules. It is quite simple."
"The product is not resource-intensive."
"Microsoft Defender has a feature to protect each and every attachment. Even if it's an encrypted attachment, it will check for any potential threats."
"There are several features that I consider valuable."
"The basic features are okay and I'm satisfied with the Defender."
"Microsoft Defender for Office 365 has improved my organization's security. It makes it easier to manage the infrastructure without the help of third-party applications."
"The deployment capability is a great feature."
"It is a very simple product to use."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"The active threat dashboard is the most valuable feature of this solution."
"The product can scale."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"What I like about Darktrace, is that you can quickly identify threats."
"The NDR is good in their solution and they have NTG for email."
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"It allows us to trace the flow. The logic is built sufficiently for us to be able to break down clients' orders, underlying child orders, and execution. Thus, it's a good way for us to trace client flow through a myriad of different internal systems."
"With the Corvil Stored Data Analyzer module, we can use it for test data or a set of production data to set up the configuration for latency setup, so we can use the fields to correlate messages."
"We use the data to analyze how much time we spend within the applications. Then, based on that, we are doing multiple analyses and types of investigations to work on reducing the amount of time spent on the latency, which helps our applications."
"It has all the decoders so it's capturing every network packet and it's decoding in real-time and it's giving us latency information in real-time... It's the real-time decoding and getting the latency information statistics that we find the most useful."
"What is most valuable is the ability to troubleshoot when a client complains of spikes in latencies. It gives us the ability to go granular, all the way down to looking at the network packets and analyze them."
"The analytics features of Corvil are really good... As long as you know what the field is in the message, you can build your metrics based on that field... It means you can do the analytics that you actually care for. You can customize it..."
"Time-series graphs are very good for performance analysis. We can do comparisons... We can say this is the latency in the last 24 hours, and this was the same 24-hour period a week ago and overlay the two time-series graphs on top of each other, so we can see the difference. That's a really powerful tool for us."
"We can use CLI with the UI for configuring the new monitoring system, which is good."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"The company should focus on adding threats that the solution is currently unable to detect."
"The pre-sales cost calculations could be more transparent."
"We need a separate license and we don't know how to get the license that is required."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization."
"The certification training for Defender for 365 needs to be deeper and incorporate Sentinel. I took all the security courses except one, and Sentinel isn't included."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The solution would benefit from automation. Currently, you have to know what you are searching for."
"The program is quite expensive."
"Darktrace does not have any capabilities to configure."
"The initial setup is more complex and time-consuming than some solutions."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"The interface is too mathematical and it should be simplified."
"The creation of charts and real-time windows was somewhat cumbersome. The vendor's website had an application called App Agent that required improvement. This API was designed to track message rates between microservers ingested into a microservice memory map. It allowed users to monitor the number of transactions that occurred at specific points within the application, and it was quite impressive. However, it had some limitations, and it mainly served as a tool for basic tracking. The protocols it employed could reveal the type of server-to-server communication and the specific order types, but it was not able to provide a more in-depth analysis of the application. The vendor has the potential to integrate application metrics more extensively into their product suite."
"Before I got the Corvil training... one thing that was not very efficient was that every time you had to create a new stream or a new session from within Corvil... you had to tell it what protocol the message is going to come through and how to correlate messages, etc... After I went for the training, they had already added these nice features in the 9.4 version where it could do auto-discovery... Based on the traffic that it has already seen, it could create sessions on the fly."
"While the product is scalable, it's not easy to scale. It needs investment hardware and network bandwidth consideration. It's not something you can just do overnight."
"There is definitely room for improvement in the reporting. We've tried to use the reporting in Corvil but, to me, it feels like a bolt-on, like not a lot of thought has gone into it. The whole interface where you build reports and schedule them is very clunky."
"I have seen errors where the CNE and the CMC haven't synced because of something missing in the CMC, which was there in the CNE. We would get some type of error, but it doesn't actually say what exactly was missing in the CNE."
"Overall, the Corvil device needs a little bit of training for people to handle it. If that could be reduced and made more user-friendly, more intuitive, it would be better."
"In terms of performance analysis, if you really want to dig down into the minutiae and get statistics on the important things... that would be the only piece lacking because, in our environment, we have thousands and thousands of symbols. With the architecture that Corvil is built on, it's cumbersome."
"It's quite difficult to see, sometimes, how hard your Corvil is working. When we had a very busy feed that chucked out a lot of data it wasn't working very well on Corvil. We had to raise a case for it. It turned out to be that, in fact, we were overloading Corvil."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while Pico Corvil Analytics is ranked 51st in Network Monitoring Software with 9 reviews. Darktrace is rated 8.2, while Pico Corvil Analytics is rated 9.0. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Pico Corvil Analytics writes "Helpful support agents, beneficial issue detection, and high availability". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas Pico Corvil Analytics is most compared with NETSCOUT nGeniusONE, Gigamon Deep Observability Pipeline, ThousandEyes and ITRS Geneos.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.