We compared Vectra AI and ExtraHop Reveal(x) based on our users' reviews across 4 parameters. After reading all of the collected data, you can find our conclusion below.
Vectra AI excels in customer service, advanced threat detection, and competitive pricing. User feedback on ExtraHop Reveal(x) highlights robust network visibility, intuitive user interface, and highly regarded customer support. Vectra AI users appreciate the affordability and flexibility of the pricing, while ExtraHop Reveal(x) users value the comprehensive analytics capabilities.
Features: Vectra AI stands out for its advanced threat detection capabilities, machine learning algorithms, and automated response features. ExtraHop Reveal(x) is praised for its robust network visibility, comprehensive analytics, and intuitive user interface.
Pricing and ROI: Vectra AI offers competitive pricing with reasonable setup costs and flexible licensing options. ExtraHop Reveal(x) is also well-received for its cost-effectiveness, low setup cost, and straightforward licensing process. Users have had positive experiences with both products in terms of pricing, setup cost, and licensing. Vectra AI delivered ROI that exceeded expectations with significant security and efficiency improvements. ExtraHop Reveal(x) was praised for enhancing network visibility and security with a user-friendly interface and robust functionalities.
Room for Improvement: Vectra AI has room for improvement in its complex and unintuitive user interface, lack of customization options, occasional glitches, and high pricing. ExtraHop Reveal(x) could enhance its user interface, accuracy, documentation, and customer support for a better user experience.
Deployment and Customer Support: Vectra AI may be a bit complex and require additional customization for on-prem installations. ExtraHop Reveal(x) is considered simple and offers a user-friendly initial setup. Vectra AI stands out for its exceptional customer support, with knowledgeable staff providing quick solutions. ExtraHop Reveal(x) also has good support; however, it suffers from occasional quality issues.
The summary above is based on 31 interviews we conducted recently with Vectra AI and ExtraHop Reveal(x) users. To access the reviews' full transcripts, download our report.
"ExtraHop Reveal(x) is one of the tools that works out of the box when it comes to threat hunting."
"The solution's initial setup process is easy."
"The solution's ability to decrypt SSL traffic is its most valuable feature."
"The security features of this solution are the most valuable."
"With ExtraHop Reveal(x), it gives me more visibility into the packets. It doesn't provide the entire packet capture, but it offers more information on how connections are made at the network layer. This can be helpful for detecting network attacks. Additionally, I really like the customizable dashboards and reports. The incident dashboard and alerts provide a good summary initially, and diving deeper into them gives more detailed information. It's also great for analyzing specific attacks and victim logs. The feature that tracks the full attack chain makes it easier to monitor the progress of attacks. Plus, it's connected to the Netria.com app, which I find useful for certain tasks."
"Reveal X integrates seamlessly with CrowdStrike. If you see something sketchy on the network, you can quarantine devices through ExtraHop and it'll push to the CrowdStrike server."
"Setting up the solution is relatively easy."
"When there are performance issues with an HTTP app, ExtraHop enables us to identify the causes within a few minutes. We can see what transactions are being impacted by something that may be happening within the server environment."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"We discovered a lot of things in our network and are correcting several misconfigurations. We are learning how some apps work together and how some things shouldn't happen. It's also easier for us to identify the source of a brute force, whereas before, we didn't even know we had a brute force."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us."
"Vectra AI is the best. It is a major product in our cybersecurity."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"I would like to see more cloud capability."
"ExtraHop Reveal(x) could improve by allowing a longer look back in the feature. Right now you have a limit of 30 days to look back on your activity. I've used Darktrace before, and they allow you the ability to play back events. This would be a good feature to have in ExtraHop Reveal(x)."
"They used to have the ability to decode Citrix sign-on, setup, and tear down. Unfortunately, Citrix has stopped sharing that knowledge. Citrix has continued to change its model of processing, making it harder and harder to troubleshoot."
"The solution is expensive and gets more expensive if a company needs to scale it."
"The solution's reporting part and GUI are areas with certain shortcomings where improvements are required."
"Agent management could certainly use some focus. It should also be a little bit easier to work with collections. We should be able to nest collections within collections. There should be better nesting."
"There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that."
"I think the tuning capabilities could be improved. We're working on minimizing false positives. Apart from that, everything seems fine to me."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"In education as a sector, we are looking at AI a lot in terms of how it can be used as part of the teaching and learning side of things. It would be great to have Vectra AI look at a better way to enhance the security posture related to the AI tools in our portfolio."
"The main improvement I can see would be to integrate with more external solutions."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
ExtraHop Reveal(x) is ranked 5th in Network Traffic Analysis (NTA) with 12 reviews while Vectra AI is ranked 2nd in Network Traffic Analysis (NTA) with 40 reviews. ExtraHop Reveal(x) is rated 8.6, while Vectra AI is rated 8.6. The top reviewer of ExtraHop Reveal(x) writes "It helps you visualize how data moves across your network". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". ExtraHop Reveal(x) is most compared with Darktrace, Corelight, Cisco Secure Network Analytics, Arista NDR and ExtraHop Reveal(x) 360, whereas Vectra AI is most compared with Darktrace, Cisco Secure Network Analytics, Arista NDR, Corelight and Trend Micro Deep Discovery.
We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.