Darktrace OverviewUNIXBusinessApplication

Darktrace is the #1 ranked solution in top Intrusion Detection and Prevention Software, Network Traffic Analysis tools, and top Network Detection and Response (NDR) tools. PeerSpot users give Darktrace an average rating of 8.4 out of 10. Darktrace is most commonly compared to CrowdStrike Falcon: Darktrace vs CrowdStrike Falcon. Darktrace is popular among the large enterprise segment, accounting for 52% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.
Darktrace Buyer's Guide

Download the Darktrace Buyer's Guide including reviews and more. Updated: March 2023

What is Darktrace?

Darktrace is a world leader in Autonomous Cyber AI and offers several different desirable tools available to provide a wide array of outstanding support and superior threat security. Darktrace works with many different popular solutions, such as Microsoft 365, Azure, AWS, and many more.

Darktrace offers many different products to keep every type of business enterprise safe.

Darktrace’s Enterprise Immune System is uniquely designed to learn the status quo of your operating system and is thereby quickly able to discover any anomalies, abusive behavior, and potential cyber threats and stop them immediately before there is any threat to your organization. With Darktrace’s Enterprise Immune System, you have complete transparency across your entire operational system. Darktrace utilizes intuitive self-learning to discover potential new known attacks externally and also locate any internal threats. Darktrace is intuitively self-adapting and will quickly learn the best way to keep your critical systems safe at all times, even as your business changes and grows.

Darktrace offers an Industrial Immune System, which is specifically designed to understand the unique technologies of industrial systems and aggressively protect the integrity and durability of those ecosystems. You will get full transparency of OT, IT, and industrial IoT.

Darktrace Antigena combines the best of the Autonomous Response technology to keep your enterprise ecosystems safe at all times. Darktrace Antigena has the decision-making ability to easily identify suspicious behavior and can stop in-progress threats such as cyber-attacks, ransomware, and threats to your cloud or proprietary infrastructure. Darktrace Antigena will provide protection to keep your systems safe and avoid any downtime or negative impact on your organization's productivity.

Darktrace Cyber AI Analyst works as an investigative solution that instantly rates, interprets, and reports on the entire range of potential security threats. Darktrace Cyber AI Analyst uses an intuitive analysis process to investigate 100% of all potential threats. Each and every threat is rated and a response plan is created to direct your teams on the best possible course of action needed to immediately resolve the issue. Darktrace AI Analyst also handles Zero-day malware and ransomware. The automated threat investigation can work faster to develop a plan, follow issues, and investigate than any human component. Darktrace AI will save time and money by adding an additional supplemental layer of security to your organization.

Darktrace provides outstanding enterprise-wide cyber defense to more than 5,500 organizations worldwide that rely on Darktrace daily to keep their business ecosystems running at maximum efficiency and productivity without any unplanned downtime within the overall business operation. Darktrace has a super-fast, machine-speed defense supported by the unique Autonomous Response that can take some of the pressure off of your security team and at the same time mount an aggressive fightback continuing to develop a safer defense every day.

Reviews from Real Users

Imad A., Group IT Manager at a manufacturing company, says, “"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."

A Security Engineer at a real estate/law firm states, "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."







Darktrace Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol

Darktrace Video

Darktrace Pricing Advice

What users are saying about Darktrace pricing:
  • "The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
  • "Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year."
  • "It was $3,600 a month or $2,000 plus or so. I am not sure. Its licensing is pretty simple."
  • "In the ballpark, we're talking about $30K, $50K, and up. It can even be as much as $50K or $100K."
  • Darktrace Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Group IT Manager at a manufacturing company with 1,001-5,000 employees
    Real User
    Top 5Leaderboard
    Advanced Cybersecurity Artificial Intelligence, plenty of features, and impressive threat detection
    Pros and Cons
    • "I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
    • "In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."

    What is our primary use case?

    Darktrace is used for cybersecurity, you can buy it as a physical appliance or solution as a service on the cloud. I tried the on-premises solution to detect any threat over our network.

    How has it helped my organization?

    Darktrace played an important role in the security detection strategy by reducing the time lost in detecting, analyzing, and incident resolving. This is due to its friendly user interface that shows you in simple graphs and analytics the output for any log over your network whether it is computer, device, switch, access point, etc...

    What is most valuable?

    I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network.

    There is an included library of threat detections, not only locally, but threats being experienced all around the world. It is similar to a database of all the threats and what is done by cybersecurity administrators across the internet. By collecting events and information all around the world makes Darktrace more proactive in dealing with threat notifications and cybersecurity detection. The service is very comprehensive and can cover all security areas.

    It has simple tracking capabilities and a graphical interface that can assist you with coding, you do not need to be a guru. The dashboards are user-friendly and you do not need an application to access your work, it is all done through any browser. Additionally, there is a mobile application that is one of the best features because you can see any threats from your phone. There is a playbook that can give you instructions. For example, if you see your network servers are being injected by ransomware you can stop the session and be notified of which person on what computer triggered the threat.

    The solution is very professional. Everybody would like to have an application on their phone to be more proactive about security anywhere and this solution delivers.

    What needs improvement?

    In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from. Since it is collecting all scenarios that might happen from any threat, new playbooks may be discovered and customers will have the privilege to use them in their environment. Other than that, Darktrace is leading in every aspect.

    Buyer's Guide
    Darktrace
    March 2023
    Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
    686,748 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been using this solution for one month.

    What do I think about the stability of the solution?

    Very Stable

    What do I think about the scalability of the solution?

    We have a number of employees using the solution in my organization which includes administrators and management.

    How are customer service and support?

    Technical support is excellent. You can communicate with them by sending an email, WhatsApp messages, or other types of communication. They have their support in many places around the world so what ever your time zone is, they are available.

    The support you do receive is excellent.

    Which solution did I use previously and why did I switch?

    I have used other solutions previously but non had this intelligence,

    How was the initial setup?

    The installation is very easy. I was shocked by the simplicity of the management, implementation, and dashboards. 

    What about the implementation team?

    I have implemented it using Darktrace Team who were very professional.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want. There is some flexibility, for example, if you only want to have email inspections, network inspections, endpoint inspections, or brief analytics of the reports and controls over your infrastructure, can reduce the prices accordingly. Not choosing all the features can reduce the price. When comparing this solution to competitors in the market it is expensive. However, you are paying for a valuable solution with plenty of features. Their artificial and cyber intelligence is working extremely well. I am a consultant and work with a variety of solutions by myself, attend training, and understand people who are working with these solutions.

    I need to know the advantage, disadvantages, weaknesses, and what makes the solution better than the others. Darktrace proves at some point that the value of money you are paying for the solution is reasonable for the advanced technology you are receiving as it covers many solutions that can cost much  much more than darktrace where as i you bought Darktrace you reducing all the complexity to one simple solution. 

    Which other solutions did I evaluate?

    I have evaluated many other solutions.

    What other advice do I have?

    My advice to those wanting to implement this solution is if they want to experience artificial intelligence, advanced cybersecurity, and high-level detection, this solution is the one. 

    I rate Darktrace a nine out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Network Administrator at a healthcare company with 501-1,000 employees
    Real User
    Detailed interface and good granularity but too expensive
    Pros and Cons
    • "t was pretty as far as the granularity of what you were getting out of it."
    • "The price point for the product was too high for what our possible use case could be."

    What is our primary use case?

    We're part of our regional hospital group in Northwestern Ontario. One of our group members was using the DarkTrace product suite. It was brought forward that other hospitals within the group may want to try it. A couple of us did a demo, which basically involved getting the appliance installed in our data center and routing all the traffic through it. 

    We basically had the product running for a company, however, it really didn't pop up or offered anything that we were not already aware of. 

    What is most valuable?

    It has a very detailed interface - almost too detailed. It was pretty as far as the granularity of what you were getting out of it. 

    The solution is very detailed. It has lots of fancy graphics that don't necessarily lead to a good outcome regarding knowing what's going on.

    What needs improvement?

    The only problem with these kinds of demos is that unless something actually goes wrong or you have something in the data center already; you don't see any difference. However, no news is good news.

    The price point for the product was too high for what our possible use case could be. The demo might have gone more favorably in their direction if something had actually occurred during the demo. However, nothing did, and management decided that it was not worth the very high price.

    The interface didn't really give you a whole bunch of insight into actually what was going on.

    They did have some AI that they claimed could tell if traffic was malicious or what the intent of the traffic was. We never got to see that actually do anything. They identified some traffic. They said it was malicious. However, it turns out it was a known traffic that we had occurring, and it wasn't malicious. So there were a few missteps that way.

    The UI is too dark.

    We ultimately didn't find any value in the product.

    For how long have I used the solution?

    We did a demo for two or three months. We did not use the solution for a very long time. 

    What do I think about the scalability of the solution?

    In terms of scalability, you would need a separate device for every location. For our particular hospital, we actually have three or four main facilities, or what we would consider main facilities. You'd actually need to have a physical box for every deployment in order for traffic to be efficiently detected. They did say that we could route the traffic from the site through the box. However, essentially, that would be doubling the traffic load, which didn't really seem like it was a wise decision. As far as scalability, the box that we had was very capable of handling the traffic load that we were producing. I would say we are probably using maybe ten percent of it at the most at peak levels.

    How are customer service and support?

    We had some interactions with them during setup and during the demo. They were fine.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    The initial setup depends on the network. We had a mature infrastructure which made it a bit more challenging.

    It took us a few hours to set everything up and make sure it was capturing everything it needed to. 

    If you had a straightforward Cisco environment where you could easily forward traffic and CDP needed, it would be pretty easy. 

    What's my experience with pricing, setup cost, and licensing?

    I'd rate the pricing two or three out of ten. It is pretty expensive. For us, it just wasn't worth it. 

    What other advice do I have?

    We are customers and end-users. 

    I'd rate the solution five out of ten. It's an interesting maturing market. They do have potential, however, they do need to work a fair bit on their AI models and their interface.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Darktrace
    March 2023
    Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
    686,748 professionals have used our research since 2012.
    Head of Infrastructure, Security and Communications at a construction company with 5,001-10,000 employees
    Real User
    Easy to set up with good integration capabilities and useful UI
    Pros and Cons
    • "We have found the product to be stable and issue-free."
    • "We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."

    What is our primary use case?

    We're using it in a complete security solution yet still within a different product that Darktrace has that's related to the network or email.

    What is most valuable?

    The most valuable aspect of the product would be that it's a product that is quite easy to integrate. It's quite easy to start working with it, which is working well. The concept of artificial intelligence that is behind the solution is the most interesting feature for us.

    The sense of detection and monitoring and topics within security is good.

    It was easy to set up the product.

    We have found the product to be stable and issue-free.

    It is scalable. 

    What needs improvement?

    We need them to ensure they will detect new attacks and pick up anomalies.

    We, of course, would love more threat intelligence, and more integration with vulnerability scanners. We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on. 

    They're working in different modules that could be related to threat intelligence and to the tech vulnerabilities or functionalities related to EDR.

    For how long have I used the solution?

    We've been working with the solution for the last couple of years. 

    What do I think about the stability of the solution?

    We've had no issues with stability. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.

    What do I think about the scalability of the solution?

    It is scalable and easily expands. 

    The whole of the organization leverages the product, however, I do not have a clear picture of how many people we are working it. That said, we have a company of 2,000.

    How are customer service and support?

    I've dealt with technical support in the past. I found them to be helpful. 

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We did previously use a different solution. That said, I don't remember what it was called. 

    How was the initial setup?

    The product is easy to set up.

    After deployment, we spent three months, which is the time that this solution needs to learn about what's happening in our network. In one day, once we had defined all the configurations and once they have been seen on the appliance, we were able to start running it.

    It's an easy product to maintain. 

    What about the implementation team?

    We handled the initial setup ourselves. We did not need any outside assistance from integrators or consultants. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is okay. I'd rate it seven out of ten in terms of affordability.

    You have different modules which you have to pay for. If you want to expand functionality, it ends up costing more. 

    Which other solutions did I evaluate?

    Looked at Microsoft, Proofpoint, and Minecraft when we were looking into Darktrace. We decided on this product based on the available features. 

    What other advice do I have?

    We are using the last version of the solution, although I don't know the exact version number. We plan to upgrade in the next couple of weeks. We might be on version five, with the latest being six.

    This is something that is really easy to implement in an organization. It gives us good visibility about what is happening in our networks, and on the system. We like the transparency available within our infrastructure now. We can also personalize it to fit our needs. You can either choose plug and play or you can go deeper. They have artificial intelligence you can start working with. You can define more by leveraging modules. Overall, it's very interesting. 

    I'd rate the solution eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Christian Strasser - PeerSpot reviewer
    Manager Information Systems / Technology at Food Sciences Corporation
    Real User
    Easy to implement with a nice interface and very good at identifying intrusions
    Pros and Cons
    • "We liked their approach to identifying intrusions or network anomalies using AI."
    • "Upper management wasn't sold on the value proposition."

    What is our primary use case?

    We were trying to justify Darktrace, and I was starting to do an analysis of the different solutions. We did a POC and haven't made a decision as to if we will use it or not.

    We were just trying to validate their claims of AI-driven preventive network issues. They showed us a number of things, and we were able to show or verify that, yes, the things that they pointed out we were glad they caught. Nothing turned out to be a true intrusion, however, the stuff that they showed us were things that we were happy to see on our network. They discovered traffic on our network that was anomalous. We were just looking to see if they could point us to anomalous traffic, and they did.

    What is most valuable?

    We liked their approach to identifying intrusions or network anomalies using AI.

    We liked their interface and the graphics that they deployed to present the information. It was really good, and we were happy with the overall quality of the product, which was very, very robust.

    The implementation was easy.

    What needs improvement?

    We didn't really notice any downsides to the product. We were very impressed with it. It was a matter of timing and cost. Upper management wasn't sold on the value proposition.

    For how long have I used the solution?

    We had demoed Darktrace for a few months.

    What do I think about the stability of the solution?

    It ran pretty fast. Its interface was quick, and it did not impact our network traffic. It didn't slow down anything on our network. It was stable. 

    What do I think about the scalability of the solution?

    We had a sense that it was going to handle our network without many problems. We have a few hundred endpoints of all types, and there was no problem. We had three users on the solution. 

    Since we weren't really entirely familiar with the product we were, I'd say we were probably using 10% to 20% of its capabilities.

    How are customer service and support?

    When we originally initially configured and set it up, we used some support, and we were happy with them. We thought they were very confident and good.

    Which solution did I use previously and why did I switch?

    We haven't demoed anything else before or since. 

    How was the initial setup?

    The initial setup was actually pretty easy, as I recall. The hardest thing was finding space on our rack. That said, once we had that up and running, it was pretty straightforward.

    We needed one or two people to deploy the solution. Two and a half people were on the deployment full-time. 

    What about the implementation team?

    We did the deployment on our own, with Dartrace assisting us remotely. 

    What was our ROI?

    We only demoed the solution for a few months and therefore did not witness an ROI. 

    What's my experience with pricing, setup cost, and licensing?

    The cost was reasonable. They were pitching us a five-year contract at a fairly reduced rate annually. The product cost was on the lower side. I'd rate it a two or three out of five in terms of the expense involved. There were no hidden or extra fees involved. 

    Which other solutions did I evaluate?

    We started looking at some other things yet didn't really dig very deep. When we were initially looking at Darktrace, they were the only game in town for us. They seemed to be unique after the fact.

    What other advice do I have?

    We were end-users. 

    I'd rate the solution an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Director Of Information Technology at a security firm with 1-10 employees
    Real User
    Top 5Leaderboard
    Responsive support, good alerting, but the initial setup is complex and time-consuming
    Pros and Cons
    • "The models, triggers, and alerts are customizable."
    • "The initial setup is more complex and time-consuming than some solutions."

    What is our primary use case?

    We use Darktrace to analyze our network traffic.

    What is most valuable?

    Darktrace is a good product, although it depends on how much time you put into it.

    The models, triggers, and alerts are customizable.

    What needs improvement?

    The initial setup is more complex and time-consuming than some solutions.

    For how long have I used the solution?

    I have been working with Darktrace for more than a year.

    What do I think about the stability of the solution?

    Darktrace is quite stable, but potentially expensive.

    What do I think about the scalability of the solution?

    The vendor has different options for scaling. I use the appliance; they also offer a cloud service but I prefer the appliance. I put it between the router and the core switch and it picks up all of the traffic.

    How are customer service and support?

    The technical support is better than Check Point. They respond more quickly.

    Which solution did I use previously and why did I switch?

    I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

    Darktrace requires a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. In general, it's more sophisticated. As far as getting the settings and the configuration and the models that you want, it would help if you spent some time on that. We're a small team. It's beneficial to me and I can see that with more time and energy put into optimizing it and personalizing the unit, it can be much more powerful than the way I am using it now. That said, it's my secondary device. We're working on a lot of different projects, so I haven't assigned any of my guys to it yet. Ultimately, when it's fully integrated, it may end up being as useful as the Check Point.

    The reason I keep all three is that they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

    With respect to similar security products, I have demoed CrowdStrike and worked with Symantec.

    How was the initial setup?

    You have to customize it to the way you want, in order for it to work best for your environment. Definitely take time to train while you can during deployment.

    Some things do work well, out of the box. However, this would be better suited for somebody that can take the time to configure it correctly during deployment.

    What's my experience with pricing, setup cost, and licensing?

    Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year.

    I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

    What other advice do I have?

    My advice for anybody who is implementing Darktrace is that you definitely need to take your time. Sit down and understand how to use the model breach customization. They use models and if something hits that model, it triggers an alert.

    I would rate this solution a six out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Security Engineer at a real estate/law firm with 1,001-5,000 employees
    Real User
    Top 20
    Provides a higher level of threat detection, detects any type of attack, and very useful for an autonomous response
    Pros and Cons
    • "The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
    • "They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."

    What is our primary use case?

    We use it to protect IoT devices. Darktrace does network traffic analysis. So, by analyzing all traffic patterns in your environment, you can detect any type of anomalous activity, as far as the network is concerned. 

    I have been using its latest version. Its deployment depends on the environment. It can do sensors in the cloud, and it can also do on-prem.

    How has it helped my organization?

    It provided a higher level of threat detection.

    What is most valuable?

    The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response. 

    What needs improvement?

    They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there. 

    For how long have I used the solution?

    I used it for about a year.

    What do I think about the stability of the solution?

    It is a very stable product. We didn't have any issues.

    What do I think about the scalability of the solution?

    It has sensors that you can install. So, it can scale on-prem and off-prem in the cloud.

    It is being used extensively. We have 2,000 employees. We use it to protect IoT devices. We also use it to protect Windows servers, desktops, and laptops. Its usage would increase if the net grows, but it's probably not going to grow too much bigger than 2,000 employees.

    How are customer service and technical support?

    The support from Darktrace is very helpful.

    Which solution did I use previously and why did I switch?

    We didn't use any other solution previously. 

    How was the initial setup?

    It was pretty straightforward. You just monitor everything from your core switch. It monitors everything in and out.

    We got it up in half an hour, but it still has to learn. You still have to give it some time to learn about the environment, and that's usually going to be at least two weeks.

    What about the implementation team?

    We brought in their guy to the site. In terms of maintenance, it is automatically set up to reach out to their website and pull down updates and stuff. We don't have to worry about that too much.

    What's my experience with pricing, setup cost, and licensing?

    It was $3,600 a month or $2,000 plus or so. I am not sure. 

    Its licensing is pretty simple.

    Which other solutions did I evaluate?

    We were thinking about getting another solution called Vector, but we didn't. We brought Darktrace in.

    What other advice do I have?

    Darktrace is a pretty good company. The only thing that they need to really work on is just being able to get rid of some of those false positives. Once the solution is tuned up, it pretty much just runs.

    I would advise making sure that you do a really good PoC of the product so that you can be sure that it makes sense in your environment.

    I would rate it a nine out of 10. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Luis KiambatA - PeerSpot reviewer
    Director de Desenvolvimento Tecnológico at Cetim
    Reseller
    Top 10
    Great autonomous support, offers an easy setup, and has responsive support
    Pros and Cons
    • "Technical support is helpful and responsive."
    • "The pricing is a bit high for the region."

    What is our primary use case?

    We primarily use the solution for IT. Customers use it for banks or construction sites, depending on our customers. We haven't had an OT implementation yet. However, we have interest from two companies.

    What is most valuable?

    The autonomous response is great. It blocks basically everything that is outside the normal, and what's happening 24/7. When we don't have anybody looking, it's great. The visibility that it gives you into any incident is great. You can see everything. I would say these two are the biggest aspects we really appreciate.

    It is easy to set everything up.

    The solution is stable. 

    Users can scale the product.

    Technical support is helpful and responsive. 

    What needs improvement?

    We need more integrations with other customers and other platforms. For example, we need integrations with the major players. We'd like to see them integrate with Sophos and integrate with other vendors.

    The pricing is a bit high for the region. 

    For how long have I used the solution?

    I started dealing with the solution about three years ago. 

    What do I think about the stability of the solution?

    This is stable. There are no bugs or glitches. It doesn't crash or freeze. 

    What do I think about the scalability of the solution?

    Most of our customers are mid-level companies. 

    It's scalable, depending on the size and the range. For example, if we have to change appliances, the number of devices duplicates. If we measure an appliance for 300 devices and then the customer has 600 or 1,000, then we have to see if the box is viable. If not, we have to change the box. That said, it's very much scalable in terms of capacity.

    How are customer service and support?

    We're happy with technical support. Recently, we had an incident with a client, a customer. We contacted support, and they gave quick feedback. I'm good with the level of service.

    Which solution did I use previously and why did I switch?

    We are basically a reseller of solutions, so we resell Darktrace, Check Point, Fortinet, and Imperva, for example.

    How was the initial setup?

    The solution is very easy to set up. In one hour, you have everything set up and ready to run.

    What's my experience with pricing, setup cost, and licensing?

    The solution is a little bit expensive for customers in Africa. They're not so accustomed to paying for solutions that are so costly. It's been really tricky to sell and make a margin off of the sale as a reseller.

    In terms of the exact cost, it depends on the features. It also depends on the size of the customer. In the ballpark, we're talking about $30K, $50K, and up. It can even be as much as $50K or $100K.

    You could have a customer that's paying $50K over three years. Then, as a reseller, you have an extra margin that you have to add.

    What other advice do I have?

    We are not necessarily using the latest version of the solution right now. 

    It's totally different from any other solution a customer may have used. You have visibility, and it will find anything that you miss with other solutions. I would advise new users to start using it as soon as possible. Buy it. It's totally better than other solutions.

    I'd rate the solution nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    System Architect at a energy/utilities company with 51-200 employees
    Real User
    Top 20
    Stable with helpful technical support and good network visibility
    Pros and Cons
    • "The product offers us a very good user interface and we've found the network visibility to be very good so far."
    • "It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not."

    What is most valuable?

    Overall, I like the system. The product offers us a very good user interface and we've found the network visibility to be very good so far. The solution has one window and shows all networks.

    The solution comes in multiple languages, including English and Arab options.

    The solution is stable.

    We've found that technical support is helpful and available to assist us if we need them.

    What needs improvement?

    There are some automation capabilities, however, they could be presented better.

    The manual is difficult to follow. While it presents some use cases, it's not very clear. There may also be some language barriers, as it's not available in my language.

    Some aspects of the initial setup are complex. 

    It would be useful if there was a way to check to see if there are certain devices that are not in sync with the solution. I'm not sure if this is an option or not. 

    The cost of the solution is quite high.

    I'm very interested in ISO 27001 and these processes. I'd like to better understand how it supports this kind of workflow.

    For how long have I used the solution?

    I haven't used the solution for very long. It may only be about 20 hours or so. It's very, very new. 

    What do I think about the stability of the solution?

    The solution is mostly stable. I found that, during the POC, sometimes my rights would do off and I would have to reinstate them, however, other than that, it was very stable. The performance was good. 

    What do I think about the scalability of the solution?

    I've only used the solution for a short amount of time. I can't really speak to the scalability. There were different models that I tried, however, I can't speak about how different models affect the scalability. I've only used it for a very short amount of time.

    There are maybe three or four people on the solution, now that we've tested it. 

    How are customer service and technical support?

    I haven't really interacted so much with technical support, however, there is a person available to us that could help us troubleshoot or answer our questions if we need assistance. 

    How was the initial setup?

    There are aspects of the initial setup that are not very straightforward. there is some complexity. I needed to keep going back to the manual to check things at certain points. 

    What's my experience with pricing, setup cost, and licensing?

    We are still currently in the test period. Within the year, we will have to invest in the cost of licensing. We have not done that yet.

    The solution itself is quite expensive. 

    Which other solutions did I evaluate?

    We did look at other solutions, however, I can't speak to which solutions we actually looked at.

    What other advice do I have?

    We are a partner.

    I'm not sure which version of the solution we're using. My understanding is that it is version 5.

    I would recommend the solution to others. However, it's important to ensure you use the solution in order to set up your processes correctly and to the benefit of the organization.

    So far, I would rate the solution at an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Download our free Darktrace Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2023
    Buyer's Guide
    Download our free Darktrace Report and get advice and tips from experienced pros sharing their opinions.