We performed a comparison between Darktrace and Splunk User Behavior Analytics based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find the complete portfolio to be excellent."
"The platform has many modules, and each module examines a different situation in the behavior."
"The ability to detect activity on the network is very useful to us. Even if it's not necessarily an illegal activity, if it is abnormal activity, it is able to detect it and notify us."
"The models, triggers, and alerts are customizable."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
"Technical support is helpful and responsive."
"We have found the product to be stable and issue-free."
"The solution appears to be stable, although we haven't used it heavily."
"The product is at the forefront of auto-remediation networking. It's great."
"The solution is extremely scalable. Our customers are regularly scaling up after installing Splunk."
"This is a good security product."
"The solution is fast, flexible, and easy to use."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"The most valuable feature is the ability to search through a large amount of data."
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"The pricing model is a little too high and could be more flexible."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."
"Darktrace needs to automate the reports of false positives, botnets and everything."
"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve end point security, it would give more control there."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"The price of Splunk UBA is too high."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"I'm not aware of any lacking features."
"There are occasional bugs."
"The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"We'd like the ability to do custom searches."
More Splunk User Behavior Analytics Pricing and Cost Advice →
Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 32 reviews while Splunk User Behavior Analytics is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 5 reviews. Darktrace is rated 8.2, while Splunk User Behavior Analytics is rated 8.2. The top reviewer of Darktrace writes "A stable, scalable, and valuable tool that provides excellent network monitoring". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Quick response time and can store an enormous amount of data". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cynet, whereas Splunk User Behavior Analytics is most compared with Microsoft Defender for Identity, IBM Security QRadar, Varonis Datalert, Cynet and Exabeam Fusion SIEM. See our Darktrace vs. Splunk User Behavior Analytics report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.