We performed a comparison between Darktrace and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is a stable solution without downtime."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"In terms of features, the data or information they collect and unsupervised machine learning are very valuable. Its unsupervised machine learning has reduced our team's effort. Both Darktrace and Vectra work on unsupervised machine learning that learns the behavior or develops a profile on its own, which allows our security team to do some other tasks rather than spending time on Darktrace or Vectra. Because of unsupervised machine learning, its detection capability is quite good. Along with that, if we utilize the integration feature properly, the automated incident response capability of Darktrace is quite useful."
"I find the complete portfolio to be excellent."
"The solution is outstanding from a monitoring perspective."
"The platform has many modules, and each module examines a different situation in the behavior."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"The solution can scale."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"Very functional and good for detecting malicious traffic."
"The most valuable feature is the view into the application."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration."
"The program is quite expensive."
"The solution could be easier to use."
"The main portal needs improvement as it is difficult to use."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"I'd love them to see maybe covering the cloud a bit more."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"Technical support could be improved."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"The world is currently shifting to AI, but FIreEye is not following suit."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"The product's integration capabilities are an area of concern where improvements are required."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"Cybersecurity posture has room for improvement."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
More Trellix Network Detection and Response Pricing and Cost Advice →
Darktrace is ranked 1st in Network Detection and Response (NDR) with 65 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 35 reviews. Darktrace is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Cisco Secure Network Analytics, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Cisco Secure Network Analytics. See our Darktrace vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.