IT Central Station is now PeerSpot: Here's why

Darktrace vs Splunk User Behavior Analytics comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Buyer's Guide
Darktrace vs. Splunk User Behavior Analytics
May 2022
Find out what your peers are saying about Darktrace vs. Splunk User Behavior Analytics and other solutions. Updated: May 2022.
608,713 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network.""I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities.""It is a stable solution.""Darktrace is very useful for us because it has a large number of models for detecting threats.""Darktrace is very flexible.""It is very stable and easy to use.""I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user.""It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."

More Darktrace Pros →

"The product is at the forefront of auto-remediation networking. It's great.""The solution appears to be stable, although we haven't used it heavily.""This is a good security product."

More Splunk User Behavior Analytics Pros →

Cons
"There aren't so many third-party vendor platforms natively integrated with the platform.""In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from.""A reporting portal could be a great addition to help customize reports.""It's quite expensive to have.""Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product.""Getting logs from different sources can be a challenge.""Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better.""In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."

More Darktrace Cons →

"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes.""I'm not aware of any lacking features.""The price of Splunk UBA is too high."

More Splunk User Behavior Analytics Cons →

Pricing and Cost Advice
  • "The pricing is a little high compared to the competition."
  • "Our customers feel that the price of Darktrace is quite high compared to other solutions."
  • "The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
  • "When it comes to large installations, it can be expensive, but for small accounts it's fine."
  • "It is a very expensive product."
  • "It is expensive. I don't have the price for other competitors."
  • "This solution is expensive."
  • "The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
  • More Darktrace Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
    608,713 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a… more »
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for… more »
    Top Answer:We are able to detect a lot of things, actually, and see what is happening in our network.
    Top Answer:The solution appears to be stable, although we haven't used it heavily.
    Top Answer:We simply use the free demo version of the product. We do not pay any licensing fees at this time.
    Ranking
    Views
    46,493
    Comparisons
    30,427
    Reviews
    24
    Average Words per Review
    499
    Rating
    8.5
    Views
    7,909
    Comparisons
    5,709
    Reviews
    3
    Average Words per Review
    389
    Rating
    8.7
    Comparisons
    Also Known As
    Caspida, Splunk UBA
    Learn More
    Overview

    Darktrace is a world leader in Autonomous Cyber AI and offers several different desirable tools available to provide a wide array of outstanding support and superior threat security. Darktrace works with many different popular solutions, such as Microsoft 365, Azure, AWS, and many more.

    Darktrace offers many different products to keep every type of business enterprise safe.

    Darktrace’s Enterprise Immune System is uniquely designed to learn the status quo of your operating system and is thereby quickly able to discover any anomalies, abusive behavior, and potential cyber threats and stop them immediately before there is any threat to your organization. With Darktrace’s Enterprise Immune System, you have complete transparency across your entire operational system. Darktrace utilizes intuitive self-learning to discover potential new known attacks externally and also locate any internal threats. Darktrace is intuitively self-adapting and will quickly learn the best way to keep your critical systems safe at all times, even as your business changes and grows.

    Darktrace offers an Industrial Immune System, which is specifically designed to understand the unique technologies of industrial systems and aggressively protect the integrity and durability of those ecosystems. You will get full transparency of OT, IT, and industrial IoT.

    Darktrace Antigena combines the best of the Autonomous Response technology to keep your enterprise ecosystems safe at all times. Darktrace Antigena has the decision-making ability to easily identify suspicious behavior and can stop in-progress threats such as cyber-attacks, ransomware, and threats to your cloud or proprietary infrastructure. Darktrace Antigena will provide protection to keep your systems safe and avoid any downtime or negative impact on your organization's productivity.

    Darktrace Cyber AI Analyst works as an investigative solution that instantly rates, interprets, and reports on the entire range of potential security threats. Darktrace Cyber AI Analyst uses an intuitive analysis process to investigate 100% of all potential threats. Each and every threat is rated and a response plan is created to direct your teams on the best possible course of action needed to immediately resolve the issue. Darktrace AI Analyst also handles Zero-day malware and ransomware. The automated threat investigation can work faster to develop a plan, follow issues, and investigate than any human component. Darktrace AI will save time and money by adding an additional supplemental layer of security to your organization.

    Darktrace provides outstanding enterprise-wide cyber defense to more than 5,500 organizations worldwide that rely on Darktrace daily to keep their business ecosystems running at maximum efficiency and productivity without any unplanned downtime within the overall business operation. Darktrace has a super-fast, machine-speed defense supported by the unique Autonomous Response that can take some of the pressure off of your security team and at the same time mount an aggressive fightback continuing to develop a safer defense every day.

    Reviews from Real Users

    Imad A., Group IT Manager at a manufacturing company, says, “"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."

    A Security Engineer at a real estate/law firm states, "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."







    Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics – for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
    Offer
    Learn more about Darktrace
    Learn more about Splunk User Behavior Analytics
    Sample Customers
    Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol
    8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia
    Top Industries
    REVIEWERS
    Financial Services Firm20%
    Computer Software Company16%
    Government8%
    Manufacturing Company4%
    VISITORS READING REVIEWS
    Comms Service Provider23%
    Computer Software Company20%
    Government7%
    Financial Services Firm6%
    REVIEWERS
    Financial Services Firm50%
    Insurance Company13%
    Government13%
    Security Firm13%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Comms Service Provider17%
    Financial Services Firm9%
    Government9%
    Company Size
    REVIEWERS
    Small Business49%
    Midsize Enterprise16%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise22%
    Large Enterprise53%
    REVIEWERS
    Small Business25%
    Midsize Enterprise33%
    Large Enterprise42%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise14%
    Large Enterprise69%
    Buyer's Guide
    Darktrace vs. Splunk User Behavior Analytics
    May 2022
    Find out what your peers are saying about Darktrace vs. Splunk User Behavior Analytics and other solutions. Updated: May 2022.
    608,713 professionals have used our research since 2012.

    Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 26 reviews while Splunk User Behavior Analytics is ranked 11th in Intrusion Detection and Prevention Software (IDPS) with 3 reviews. Darktrace is rated 8.4, while Splunk User Behavior Analytics is rated 8.6. The top reviewer of Darktrace writes "A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support". On the other hand, the top reviewer of Splunk User Behavior Analytics writes "Stable, with good automation capabilities, however, we want to be able to automate even more". Darktrace is most compared with CrowdStrike Falcon, Cisco Stealthwatch, Vectra AI, SentinelOne and FireEye Endpoint Security, whereas Splunk User Behavior Analytics is most compared with Cisco Stealthwatch, Elastic Enterprise Search, Microsoft Defender for Identity, Exabeam Fusion SIEM and IBM QRadar User Behavior Analytics. See our Darktrace vs. Splunk User Behavior Analytics report.

    See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.

    We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.