Darktrace Reviews

Name: Darktrace
Brand: Darktrace
Rating: 4.1 (79 reviews)

Vendor: Darktrace

4.1 out of 5

79 reviews
94% willing to recommend

2,183 followers

Start review

What is Darktrace?

Darktrace is a leading cybersecurity solution that leverages artificial intelligence and machine learning to provide advanced threat detection, response, and risk management capabilities. Many reviewers find Darktrace's AI and machine-learning capabilities to be valuable. They appreciate its ability to detect anomalies and threats that might go unnoticed by traditional security tools. Overall, the general sentiment towards Darktrace from reviewers is positive. Users seem to appreciate its scalability, stability, AI capabilities, visibility, and ease of use.

Get the Darktrace Buyer's Guide and find out what your peers are saying about Darktrace, CrowdStrike Falcon, Wazuh and more!

Darktrace is the #1 ranked solution in top Intrusion Detection and Prevention Software, #1 ranked solution in Network Traffic Analysis tools, #1 ranked solution in top Network Detection and Response (NDR) solutions, #2 ranked solution in top AI-Powered Chatbot vendors, #2 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #3 ranked solution in top Attack Surface Management (ASM) solutions, #6 ranked solution in XDR Security products, #9 ranked solution in top Email Security solutions, #12 ranked solution in top Cloud-Native Application Protection Platforms (CNAPP) solutions, and #15 ranked solution in top Cloud Security Posture Management (CSPM) solutions. PeerSpot users give Darktrace an average rating of 8.2 out of 10. Darktrace is most commonly compared to CrowdStrike Falcon: Darktrace vs CrowdStrike Falcon. Darktrace is popular among the large enterprise segment, accounting for 50% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Helped 849,686 peers since 2012

Featured Darktrace reviews

Peter-Murphy

Head of Technology Operations at Pobl Group

The most valuable feature of Darktrace is its ability to detect and counter threats before they occur. The autonomous response capability is always enabled, blocking threats immediately without hesitation. Additionally, the Darktrace email platform is a significant asset since it addresses incoming threats before they reach the network, enhancing our security measures. Protecting the business is essential, and ensuring security through 24/7 AI monitoring is invaluable.

Read full review

Luis KiambatA

Director de Desenvolvimento Tecnológico at Cetim

The autonomous response is great. It blocks basically everything that is outside the normal, and what's happening 24/7. When we don't have anybody looking, it's great. The visibility that it gives you into any incident is great. You can see everything. I would say these two are the biggest aspects we really appreciate. It is easy to set everything up. The solution is stable. Users can scale the product. Technical support is helpful and responsive.

Read full review

Mohamed Eletreby

Solution Architect at a tech services company with 51-200 employees

The features that are most valuable to me include detection, response with analytics, and network detection. These features are particularly effective because they provide comprehensive security analytics. Additionally, the analytics aspect is highly appreciated for its effectiveness. I do not use the automation response since I have another product handling automation. Furthermore, I believe that the reporting needs enhancement for better performance.

Read full review

Darktrace mindshare

Product category:

As of May 2025, the mindshare of Darktrace in the Extended Detection and Response (XDR) category stands at 9.4%, down from 10.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

PeerResearch reports based on Darktrace reviews

Type	Title	Date
Category	Extended Detection and Response (XDR)	Apr 30, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2025	Download
Comparison	Darktrace vs CrowdStrike Falcon	Apr 30, 2025	Download
Comparison	Darktrace vs SentinelOne Singularity Complete	Apr 30, 2025	Download
Comparison	Darktrace vs Wazuh	Apr 30, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	15.5%	96%	126 interviews Add to research
Wazuh	3.7	12.9%	79%	46 interviews Add to research

Valuable Features

Darktrace's most valuable features include AI-driven threat detection, autonomous response, customizable alerts, intuitive interface, and rapid anomaly identification. The Enterprise Immune System and Antigena technology provide comprehensive network visibility, reducing false positives and enhancing security monitoring. Users appreciate its integration capabilities, real-time monitoring, detailed reporting, cloud protection, and extensive user behavior analytics. The dynamic dashboard and mobile accessibility enhance its appeal, making it user-friendly and effective for proactive cybersecurity management.

"I would 100% recommend Darktrace."
"The autonomous mode, which is the Antigena AI response, is particularly valuable."
"I highly recommend the overall solution to other users and rate it as nine out of ten."

Room for Improvement

Darktrace users find the pricing high and seek improved integration with SIEM solutions. They want enhanced endpoint protection, user-friendly interfaces, and better automation. The false positives and reporting complexity need addressing. Additional integrations and more real-time threat detection capabilities are desired. Improved documentation and training are essential, with requests for more comprehensive data insights and simplified dashboards. Better alert management and extended mobile functionality are also frequently mentioned.

"Updates keep coming, which is great, but I prefer a unified UI experience. The intelligence section and the incident view should be seamlessly connected in one view to avoid jumping between pages."
"The pricing is costly in USD, and they charge based on device counts."
"The product is considered expensive compared to others."

ROI

Organizations experience excellent ROI from Darktrace through effective threat prevention, enhancing security posture, and identifying system gaps. Some emphasize financial benefits by mitigating risks and avoiding costs related to potential breaches. Users highlight improved visibility and network threat detection. The majority note security improvements, though one group who only participated in a demo found ROI unmeasurable within that timeframe. Overall, Darktrace is seen as an integral security layer and provides significant value to its users.

Pricing

Darktrace's pricing is often described as expensive, with costs varying based on device count, features, and contract length. Many enterprises express that pricing can be high, especially compared to competitors, but find it reasonable given its robust features and capabilities. Some experience discounts or flexibility in payment options. Enterprise buyers note that setup costs can be high and costs can rise with added services. Despite its expense, the advanced technology is frequently valued.

"The pricing is quite high, estimated at around $350,000 per year."
"The product is expensive."
"Darktrace is quite an expensive solution."

Popular Use Cases

Darktrace is primarily used for monitoring and analyzing network traffic to detect threats. Its AI-driven capabilities identify lateral movements, behavioral anomalies, and unusual activities. It supports endpoint data monitoring, enhances network security, and provides threat detection and response. Users leverage it for cybersecurity, integrating with existing systems, offering visibility into networks, and employing automated response via the Antigena module. It assists in identifying malicious connectivity and safeguarding against potential intrusions.

Service and Support

Darktrace's customer service is praised for responsiveness, efficiency, and proactive problem-solving. Users find technical support good, helpful, and fast, providing assistance via multiple platforms. The support team is noted for understanding needs, offering timely responses, and maintaining high availability across regions. Despite some feedback highlighting room for improvement in complex deployments, users appreciate the support's dedication to resolving issues swiftly and coordinating effectively with key personnel, rating the support highly in satisfaction surveys.

Deployment

Darktrace's initial setup was frequently described as straightforward, often completed in under an hour. For those with technical expertise, the process was likened to plug and play. Despite this ease, larger or more complex networks required longer configuration times, sometimes up to several months. Deployments varied significantly based on network size and complexity, with some organizations taking longer due to internal constraints rather than setup difficulty.

Scalability

Darktrace is recognized for its scalability by many users, with numerous instances of smooth scaling across different network sizes. Several clients have successfully expanded their deployments to accommodate more endpoints and users, finding the process efficient and manageable. However, some mention the need for multiple appliances and considerations for traffic management. Despite varying experiences, most agree that Darktrace can effectively handle large-scale network environments.

Stability

Darktrace is frequently described as very stable, with most users citing no major issues, crashes, or glitches. Many rate its stability between eight and ten out of ten, appreciating its reliability and lack of downtime. Occasional minor incidents were generally attributed to user error or external factors rather than the system itself. Some users also noted its stability relative to competitors, making it a preferred choice for monitoring network services.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Darktrace Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

14%

Manufacturing Company

Financial Services Firm

Government

Comms Service Provider

Educational Organization

University

Healthcare Company

Retailer

Construction Company

Non Profit

Insurance Company

Legal Firm

Real Estate/Law Firm

Energy/Utilities Company

Hospitality Company

Wholesaler/Distributor

Media Company

Performing Arts

Transportation Company

Outsourcing Company

Pharma/Biotech Company

Recreational Facilities/Services Company

Consumer Goods Company

Logistics Company

Aerospace/Defense Firm

Compare Darktrace with alternative products

Learn more about Darktrace

Darktrace offers a proactive and intelligent approach to cybersecurity. It utilizes AI algorithms to learn and understand the 'pattern of life' for every user and device within a network. This understanding enables it to detect anomalies that could signify a cyber threat, from subtle insider threats to more obvious ransomware attacks.

Its adaptability, autonomous response features, and comprehensive network visibility make it a top-tier solution for different sizes of organizations and across many industries. It was named one of TIME magazine’s ‘Most Influential Companies’ in 2021 and protects over 8,800 organizations globally from advanced cyber threats.

Darktrace Cyber AI Loop

The Darktrace Cyber AI Loop introduces an advanced artificial intelligence-based system for cybersecurity, designed to build a self-improving defense mechanism. This system functions like a closed loop, where each stage feeds information and insights into the next, amplifying the overall effectiveness of the platform.

The key components of the loop are:

DETECT - An AI engine that monitors your network and endpoints for anomalous activity, constantly learning the normal behavior of your users and devices. It identifies suspicious patterns and potential threats in real-time, even from never-before-seen attacks.
PREVENT - This proactive arm analyzes vulnerabilities and identifies weaknesses in your IT infrastructure. It prioritizes patching and configuration changes to harden defenses before attackers can exploit those vulnerabilities.
RESPOND - When DETECT identifies a threat, RESPOND takes immediate action to contain and neutralize it. This can involve isolating compromised devices, disrupting attacker activity, and automatically escalating critical incidents to human analysts.
HEAL - This newest addition to the loop focuses on post-incident recovery. It automatically restores compromised systems, cleans infected files, and helps to prevent the attack from spreading further.

Darktrace's AI algorithms can identify threats that traditional security tools might miss. It continuously learns and updates its understanding of what is normal for each environment, ensuring that it can quickly detect and respond to unusual activities that could indicate a breach. Darktrace's Antigena module can autonomously respond to threats in real time. This is particularly crucial in containing fast-moving threats like ransomware, where every second counts.

Darktrace's solution provides unparalleled visibility into all parts of the network, including cloud services, IoT devices, and industrial control systems. This comprehensive coverage ensures that no part of the network is left unprotected. However, while the Darktrace Cyber AI Loop offers a robust solution, it is not a complete cure-all and requires careful implementation and integration with existing security frameworks.Darktrace offers a comprehensive and unified approach to cybersecurity. It provides continuous protection against known and unknown threats, regardless of where they emerge. Darktrace's solutions provide visibility into your cloud infrastructure, continuous monitoring of application usage and communication patterns (e.g., identification of suspicious actions like unauthorized data access), comprehensive email security that goes beyond traditional spam and phishing filters, real-time protection for endpoints, and continuous monitoring of network traffic and device activity.

Darktrace also provides specialized coverage to secure your zero-trust architecture. Identifies compromised identities, unauthorized access attempts, and risky data exfiltration within a least-privilege environment. Finally, it has a dedicated solution for safeguarding industrial control systems and critical infrastructure. Monitors communication patterns, device behavior, and physical access within OT environments, protecting against operational disruptions and cyberattacks.

Darktrace customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.