Network Security Engineer at Social Security Commission
Real User
Top 5
Can be deployed in half a day and is scalable
Pros and Cons
  • "I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
  • "It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."

What is our primary use case?

We have a layered approach to our cyber security. We have unified threat management and use several solutions such as Kaspersky, FortiGate, and Mimecast. However, we felt that we needed something on top of all of these and decided to go with Darktrace. We only have one in-house IT security person and were looking for a solution like Darktrace that was more automated.

What is most valuable?

I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it.

What needs improvement?

It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time.

For how long have I used the solution?

We did a proof of concept with Darktrace for a year.

Buyer's Guide
Darktrace
March 2024
Learn what your peers think about Darktrace. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and support?

Darktrace's technical support staff were responsive. We did not have to wait long for feedback on anything.

How was the initial setup?

We were able to deploy it in half a day. One person can handle the maintenance of the solution.

What about the implementation team?

We implemented the solution with the help of Darktrace representatives.

What's my experience with pricing, setup cost, and licensing?

We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once.

Darktrace is more expensive than an average solution, but its functionality won't match that of an average solution.

What other advice do I have?

I would rate Darktrace at nine out of ten. It is a growing product that helps with an ever-changing threat landscape. Traditional endpoint antivirus solutions will not be able to keep up.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Assistant Manager - Network & Security at a financial services firm with 5,001-10,000 employees
Real User
Issue-free with a helpful Antigena feature and responsive support
Pros and Cons
  • "The product can scale."
  • "The cost is a bit on the higher side."

What is our primary use case?

We were testing the solution to see its network detection response capabilities. 

What is most valuable?

We had an okay experience with the product and didn't really have any issues. 

The Antigena feature is very useful.

It is stable. 

The product can scale. 

Support so far has been helpful and responsive. 

What needs improvement?

I don't have any specific issues with the solution. We are still in the early phase of analyzing the product.

The cost is a bit on the higher side. We'd like it to be less expensive. 

For how long have I used the solution?

We were using the solution. In the past month, we stopped using it. We used it for three months.

We're just trying the solution. We had meetings. We were testing it. Nothing is finalized.

What do I think about the stability of the solution?

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

What do I think about the scalability of the solution?

It is scalable. However, it varies on a case-by-case basis. 

We have four people working with the solution in our company right now. They are in the IT department. 

How are customer service and support?

We did speak to technical support and found them to be very helpful and responsive. 

How was the initial setup?

I did not handle the setup process. We had a vendor come in and set it up and handle the whole process. 

What about the implementation team?

The vendor set the solution up with us. 

What's my experience with pricing, setup cost, and licensing?

The cost is a little high.

We've budgeted about 50,000 Kuwaiti dinars for the solution. That is a yearly operating cost.

Which other solutions did I evaluate?

We're busy with some different projects and we wanted to evaluate different products as well on the same technology. We looked into, for example, Check Point EDR and options like CrowdStrike.

What other advice do I have?

We're a potential end-user. We tested the solution. We just tried different scenarios to see what would suit us. We were testing it and will still go ahead with testing. The testing is not yet complete. We've put it on hold for now; however, we will still continue testing in the coming days.

I'd rate the solution eight out of ten.

I'd advise potential new users that they should definitely give it a try; however, the price is on the higher side. Darktrace has to consider lowering its price.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Tim Bosman - PeerSpot reviewer
Chief Information Officer at Amadys
Real User
Top 10
Strong intrusion detection in the complete network; low maintenance
Pros and Cons
  • "One member of staff is enough for deployment and maintenance because Darktrace is AI-driven. It does a lot of things by itself."
  • "Darktrace could be improved in the range of the interface; how to interact with the actions it's taking or not taking."

What is our primary use case?

Our use cases for Darktrace are intrusion detection in the complete network, including for all the devices connected, detection, emails, email spoofing, and supply chain attacks.

What is most valuable?

The most valuable Darktrace feature is the cloud protection for all the cloud services, OneDrive, and all the things related to that.

What needs improvement?

Darktrace could be improved in the range of the interface; how to interact with the actions it's taking or not taking.

For how long have I used the solution?

I have been using Darktrace for about a year now. 

What do I think about the stability of the solution?

Darktrace is stable. 

What do I think about the scalability of the solution?

Darktrace is scalable.

How was the initial setup?

The initial setup was quite straightforward. It took us between two and six months. We got shipped an appliance and installed it in the data center. It then started collecting data. We had a few reviews of what it was collecting and what it would do. There was a test phase after which we enabled it, part by part, following a series of reviews.

Right now, 350 users are affected by Darktrace in our organization. It exists in the background, so they are not actively using it.

One member of staff is enough for deployment and maintenance because Darktrace is AI-driven. It does a lot of things by itself. You need to review what it's doing every now and then. You may, for example, need to release an email that was blocked for some reason, but it's quite low maintenance overall.

You do not need an engineer to manage it. It can be managed by a manager as doing so is not super technical. You always have access to Darktrace support, which means their engineers are available to help you with the more complex stuff.

What about the implementation team?

Our deployment was done by Darktrace themselves, but they have some partners that also do it. Once you are up and running, you can deploy any additional appliances by yourself.

What was our ROI?

This is a difficult question and one that was asked of us by the higher-ups, but you have to compare the cost with what would happen if there was a breach. It is difficult to articulate a return on investment in hard numbers, but I can see that Darktrace deflects typical attacks and protects users.

What's my experience with pricing, setup cost, and licensing?

I cannot be completely sure what the license costs, but it is on a per-user basis. I handle the technical side, so I do not have insight into how much we are paying for it exactly.

What other advice do I have?

I would surely recommend Darktrace. The price might be quite high, but it is really worth it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Serena Bryson - PeerSpot reviewer
Information Security Program Manager at a non-profit with 11-50 employees
Real User
Top 10
Useful traffic tracing, good support, and beneficial anomaly alerts
Pros and Cons
  • "Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
  • "I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools."

What is our primary use case?

Darktrace is used for lateral entry investigations, lateral movement investigations, behavioral anomalies from end users, and endpoint detection.

How has it helped my organization?

Darktrace has helped our organization by troubleshooting a few issues that were happening in the environment. It was able to see the traffic between the two network components.

What is most valuable?

Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies.

What needs improvement?

I did not use the AI features because they should make it more user-friendly which would be a benefit. Additionally, the solution could integrate with more SIEM or SOAR tools.

For how long have I used the solution?

I have been using Darktrace for approximately two and a half years.

What do I think about the stability of the solution?

Darktrace is stable. We had it set up to where it was redundant. If one sensor went offline, we had another sensor that was constantly monitoring, and it worked well for us.

What do I think about the scalability of the solution?

The scalability of Darktrace was very good.

We had a license for five users, but we had two that were working on it on a daily basis.

How are customer service and support?

We used Darktrace's technical support to help with the setup and with implementation.

I rate the support from Darktrace a four out of five.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I did not use a similar solution prior to Darktrace.

How was the initial setup?

The initial setup of Darktrace was straightforward, but we used professional services to do it.

What about the implementation team?

We used professional services for the implementation of Darktrace.

What was our ROI?

We received a return on investment using Darktrace.

Which other solutions did I evaluate?

We evaluated other solutions prior to using Darktrace.

What other advice do I have?

My advice to others is they have to understand that the solution is looking for behavioral anomalies, and it is going to take tuning to achieve this. It's not a set-it-and-forget-it solution. You have to monitor, update, and optimize it for your environment.

I rate Darktrace an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Wally Lee - PeerSpot reviewer
Vice President | Head of Information Systems & Manufacturing Engineering at a manufacturing company with 51-200 employees
Real User
Top 10
Self-maintaining, works autonomously, and prevents data excavation
Pros and Cons
  • "The most valuable feature is that it works autonomously."
  • "The solution can improve the reporting."

What is our primary use case?

The solution automatically monitors everything on the network to prevent anti-phishing by monitoring, responding, and restoring the system. It prevents data excavation.

What is most valuable?

The most valuable feature is that it works autonomously. So you only need to look at the exceptions.

What needs improvement?

The solution can improve the reporting. Currently, it only runs weekly and the reporting is complex. It is more of a network monitoring system, basically AI.

For how long have I used the solution?

I have been using the solution for four years.

What do I think about the stability of the solution?

The solution is stable and solid.

What do I think about the scalability of the solution?

The solution is scalable and designed to be enterprise-wide.

Which solution did I use previously and why did I switch?

Previously we used Intercept X which is more at the virus level endpoint, but Darktrace is an overall network and phishing solution.

How was the initial setup?

The initial setup did not appear complex.  

What about the implementation team?

The implementation was completed by a vendor technician. The setup was simple and took a couple of hours.

What's my experience with pricing, setup cost, and licensing?

The solution is about $6,000 per quarter.

What other advice do I have?

I give the solution ten out of ten.

Our organization has about 50 nodes and there is no maintenance involved because it is self-maintaining. I recommend the solution, it is better than SIM.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Director Of Information Technology at a security firm with 1-10 employees
Real User
Top 5
Leaderboard
Responsive support, good alerting, but the initial setup is complex and time-consuming
Pros and Cons
  • "The models, triggers, and alerts are customizable."
  • "The initial setup is more complex and time-consuming than some solutions."

What is our primary use case?

We use Darktrace to analyze our network traffic.

What is most valuable?

Darktrace is a good product, although it depends on how much time you put into it.

The models, triggers, and alerts are customizable.

What needs improvement?

The initial setup is more complex and time-consuming than some solutions.

For how long have I used the solution?

I have been working with Darktrace for more than a year.

What do I think about the stability of the solution?

Darktrace is quite stable, but potentially expensive.

What do I think about the scalability of the solution?

The vendor has different options for scaling. I use the appliance; they also offer a cloud service but I prefer the appliance. I put it between the router and the core switch and it picks up all of the traffic.

How are customer service and support?

The technical support is better than Check Point. They respond more quickly.

Which solution did I use previously and why did I switch?

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace requires a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. In general, it's more sophisticated. As far as getting the settings and the configuration and the models that you want, it would help if you spent some time on that. We're a small team. It's beneficial to me and I can see that with more time and energy put into optimizing it and personalizing the unit, it can be much more powerful than the way I am using it now. That said, it's my secondary device. We're working on a lot of different projects, so I haven't assigned any of my guys to it yet. Ultimately, when it's fully integrated, it may end up being as useful as the Check Point.

The reason I keep all three is that they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike and worked with Symantec.

How was the initial setup?

You have to customize it to the way you want, in order for it to work best for your environment. Definitely take time to train while you can during deployment.

Some things do work well, out of the box. However, this would be better suited for somebody that can take the time to configure it correctly during deployment.

What's my experience with pricing, setup cost, and licensing?

Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

What other advice do I have?

My advice for anybody who is implementing Darktrace is that you definitely need to take your time. Sit down and understand how to use the model breach customization. They use models and if something hits that model, it triggers an alert.

I would rate this solution a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Manager at SJ Securities Sdn Bhd
Real User
Top 5
Quick to deploy with great detection capabilities and quick-responding support
Pros and Cons
  • "We are able to detect a lot of things, actually, and see what is happening in our network."
  • "It's quite expensive to have."

What is our primary use case?

The product is a type of intrusion detection and prevention software. It is for network traffic monitoring.

What is most valuable?

We are able to detect a lot of things, actually, and see what is happening in our network.

It offers good protection.

The deployment is quick. 

What needs improvement?

It's good as a solution, however, for me, it's quite complicated. They've got a lot of features there. You need a lot of time to learn it.

It's quite expensive to have.

For how long have I used the solution?

I've used the solution for around a year.

What do I think about the stability of the solution?

The core is stable. There are no bugs or glitches and it doesn't crash or freeze. 

What do I think about the scalability of the solution?

It's not high on scalability, in the box itself. You don't need scalability to scale out the server like that. 

There is one that is able to monitor the entire network. Our entire IT department is on the product. We have a three-person technical team. We may expand usage later this year. 

How are customer service and support?

Technical support is quite good. Every quarter, they will contact us for a meeting, however, any issue actually is reported online and their response is quite fast.

How was the initial setup?

The deployment was very fast. They just put the appliance in and connect our call switch and do everything else that is needed. It's all very fast.

What about the implementation team?

We used the SI to help us with the implementation. 

What's my experience with pricing, setup cost, and licensing?

The pricing is expensive. It costs over $100,000 a year. There are no additional costs beyond the price of the license. 

Which other solutions did I evaluate?

I'm currently exploring other solutions as a comparison. We are looking for Sangfor Cyber Command.

What other advice do I have?

We're a customer and end-user.

It's my understanding that we are on version five.

I'd advise users that it's a good solution, however, they need to be prepared for a large learning curve. 

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Administrator at a healthcare company with 501-1,000 employees
Real User
Detailed interface and good granularity but too expensive
Pros and Cons
  • "It was pretty as far as the granularity of what you were getting out of it."
  • "The price point for the product was too high for what our possible use case could be."

What is our primary use case?

We're part of our regional hospital group in Northwestern Ontario. One of our group members was using the Darktrace product suite. It was brought forward that other hospitals within the group may want to try it. A couple of us did a demo, which basically involved getting the appliance installed in our data center and routing all the traffic through it.

We basically had the product running for a company, however, it really didn't pop up or offer anything that we were not already aware of.

What is most valuable?

It has a very detailed interface - almost too detailed. It was pretty as far as the granularity of what you were getting out of it. 

The solution is very detailed. It has lots of fancy graphics that don't necessarily lead to a good outcome regarding knowing what's going on.

What needs improvement?

The only problem with these kinds of demos is that unless something actually goes wrong or you have something in the data center already, you don't see any difference. However, no news is good news.

The price point for the product was too high for what our possible use case could be. The demo might have gone more favorably in their direction if something had actually occurred during the demo. However, nothing did, and management decided that it was not worth the very high price.

The interface didn't really give you a whole bunch of insight into actually what was going on.

They did have some AI that they claimed could tell if traffic was malicious or what the intent of the traffic was. We never got to see that actually do anything. They identified some traffic. They said it was malicious. However, it turns out it was known traffic that we had occurring, and it wasn't malicious. So there were a few missteps that way.

The UI is too dark.

We ultimately didn't find any value in the product.

For how long have I used the solution?

We did a demo for two or three months. We did not use the solution for a very long time. 

What do I think about the scalability of the solution?

In terms of scalability, you would need a separate device for every location. For our particular hospital, we actually have three or four main facilities, or what we would consider main facilities. You'd actually need to have a physical box for every deployment in order for traffic to be efficiently detected. They did say that we could route the traffic from the site through the box. However, essentially, that would be doubling the traffic load, which didn't really seem like it was a wise decision. As far as scalability, the box that we had was very capable of handling the traffic load that we were producing. I would say we are probably using maybe ten percent of it at the most at peak levels.

How are customer service and support?

We had some interactions with them during setup and during the demo. They were fine.

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup depends on the network. We had a mature infrastructure which made it a bit more challenging.

It took us a few hours to set everything up and make sure it was capturing everything it needed to. 

If you had a straightforward Cisco environment where you could easily forward traffic and CDP needed, it would be pretty easy. 

What's my experience with pricing, setup cost, and licensing?

I'd rate the pricing two or three out of ten. It is pretty expensive. For us, it just wasn't worth it. 

What other advice do I have?

We are customers and end-users. 

I'd rate the solution five out of ten. It's an interesting maturing market. They do have potential, however, they do need to work a fair bit on their AI models and their interface.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user