Darktrace Reviews

I work for a Managed Security Service Provider (MSSP), and we provide the solution for our clients to improve their security posture in both IT and OT. The deployments are typically hybrid. 

The solution is outstanding from a monitoring perspective. 

All of the features are valuable and provide excellent capability in the field.

Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides.

A relatively new module called Darktrace PREVENT provides digital protection to the company from the internet. However, the protection doesn't extend to the dark web, which limits its depth. PREVENT also offers phishing awareness training in the form of dummy attacks and some penetration testing, but it is very limited from my point of view.

The AI and Darktrace breach model must be enhanced to minimize false positives, as they can give our customers a negative impression of the solution. Some of them come to us and say they aren't getting what they expect from it, especially after a significant investment.

I initially used the product in 2016, then returned to it in 2022 and have been using it for about a year. Over the years, the extension to the Darktrace portfolio has been tremendous, and they have made improvements in many areas, including reporting and autonomous response.

The stability is very good; I rate the solution eight out of ten here. 

The solution is scalable; I rate it eight out of ten for scalability.

Darktrace tech support is helpful, but there is room for improvement, especially around assistance for complex deployments. I rate them seven out of ten. 

Neutral

The deployment is straightforward. However, a complex network, such as one in the cloud and a DOCSIS ecosystem, can become extremely difficult. Generally, though, the deployment is straightforward, and in our case, we completed the whole setup in three to four hours.

Specifically, large, complex MPLS networks are exceedingly tricky when deploying Darktrace. We may need more experience or training, but it would be good to see some improvements here.

Our InfoSec team uses the solution, consisting of two to three staff members. Regarding endpoints protected by the product, there were around 400 in my old position and 2000 in my current organization.

I'm unfamiliar with the exact cost, but we have a yearly license and had to pay for Darktrace's services before the deployment. The product is very expensive, so some organizations can't afford to pay the total amount directly, meaning they often seek a partner or pay in installments, which increases the price more.

Darktrace requires direct billing to London, which isn't possible for organizations in Qatar, so they have to go through processes that increase the price even further. If they had an office in Dubai or Qatar, that could solve this payment issue.

I rate the solution eight out of ten and highly recommend it.

From a technological perspective, Darktrace is an excellent company, and the rate at which they improved and continue to improve their product is impressive.

All the data is on the appliance on the customers' premises, and we have to open back doors to the analysts in London to access the devices, who have complete visibility into what's happening on the customer side. This is a significant negative point for Darktrace. They also have complete visibility into our email, which is a privacy concern for us. 

The solution is a security cover for our on-premises solution to improve our security rating. Also, we want to protect our emails.

It has helped the organization to detect any malware affecting the machines. For example, if any phishing email creates a factory view bug or some of the workstations have some weird activities, or if someone downloaded malware from the internet, then Darktrace sends us a warning notification to look into the details so that our machine does not get involved with the malware. This function has helped our organization.

The network monitoring and the email monitoring features are very valuable for us.

The main portal needs improvement as it is difficult to use. But it's straightforward to follow compared to other VPN portals, for example, Azure. You don't have to bug the customer support team quite often.

They can add the EDR and follow-up options in the next release. For instance, if something happens, we get a notification. If a follow-up option is available, we can create a case and then understand how to record the evidence.

I have been using Darktrace for one year.

It is a stable solution. I rate it nine out of ten.

It is a scalable solution. I rate it a nine out of ten. Presently, 150 users are using the solution, and we wish to increase the number of users in the future.

The technical support team is slow, but not that bad. I rate it eight out of ten.

Positive

I do not know much about it, as an engineer from Darktrace did the setup for us.

The engineer from Darktrace set it up about two years ago.

There has been a return on investment using the product.

We pay 8,000 a year. The pricing is reasonable.

If any company has enough budget to put another layer between the internet and the on-prem device, they should consider Darktrace.

I rate the product a nine and a half out of ten.

We use Darktrace to monitor our network and block URLs from certain countries. Darktrace is integrated with our firewall, so the blocking is automatic. 

We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them. 

Darktrace blocks any new scanning tools that are detected on your system. 

I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets.

We have used Darktrace for about six months.

Darktrace is highly stable. We haven't had any downtime except for a power outage last year. 

We reported one case, and Darktrace support responded right away.  They assigned us an account executive who contacts us at least once monthly to discuss any outstanding issues. 

Setting up Darktrace was pretty straightforward. We had to open the port that is plugged into the switch. The whole process was done in under five minutes. You plug in the device and turn it on. 

Darktrace has helped us identify gaps in our system.

Darktrace is pricey, but the price is reasonable for what the solution does, and it's comparable to other products.

I rate Darktrace 8.5 out of 10. I recommend doing a proof of concept to see what you're getting. We got good results. During the POC, Darktrace showed us lots of things we didn't know about. 

Darktrace is used for network security.

The solution can be deployed in the cloud and on-premise.

The most valuable feature of Darktrace is the AI that detects abnormal network activity.

Although we haven't detected any network threats since implementing Darktrace, we are unsure of its efficacy. It would be beneficial if the solution could offer additional details to the user regarding any potential or prevented threats. Additionally, there could be better search tools and integration.

I have been using Darktrace for approximately three years.

The stability has been good in my usage.

I rate the stability of Darktrace an eight out of ten.

We have serval engineers that use Darktrace.

I rate the scalability of Darktrace an eight out of ten.

The support has been good. When we contacted them we received a helpful response.

I rate the support of Darktrace an eight out of ten.

We have used many similar solutions before Darktrace. We choose Darktrace because of the AI. We can develop many use cases with the solution.

The initial setup of Darktrace is straightforward. We are using Slunk and the implementation is simple.

We used a third party for parts of the implementation of Darktrace.

There is an annual license to use Darktrace.

One person can handle the maintenance of Darktrace.

I recommend the solution to others.

I rate Darktrace an eight out of ten.

We primarily use the solution for IT. Customers use it for banks or construction sites, depending on our customers. We haven't had an OT implementation yet. However, we have interest from two companies.

The autonomous response is great. It blocks basically everything that is outside the normal, and what's happening 24/7. When we don't have anybody looking, it's great. The visibility that it gives you into any incident is great. You can see everything. I would say these two are the biggest aspects we really appreciate.

It is easy to set everything up.

The solution is stable. 

Users can scale the product.

Technical support is helpful and responsive. 

We need more integrations with other customers and other platforms. For example, we need integrations with the major players. We'd like to see them integrate with Sophos and integrate with other vendors.

The pricing is a bit high for the region. 

I started dealing with the solution about three years ago. 

This is stable. There are no bugs or glitches. It doesn't crash or freeze. 

Most of our customers are mid-level companies. 

It's scalable, depending on the size and the range. For example, if we have to change appliances, the number of devices duplicates. If we measure an appliance for 300 devices and then the customer has 600 or 1,000, then we have to see if the box is viable. If not, we have to change the box. That said, it's very much scalable in terms of capacity.

We're happy with technical support. Recently, we had an incident with a client, a customer. We contacted support, and they gave quick feedback. I'm good with the level of service.

We are basically a reseller of solutions, so we resell Darktrace, Check Point, Fortinet, and Imperva, for example.

The solution is very easy to set up. In one hour, you have everything set up and ready to run.

The solution is a little bit expensive for customers in Africa. They're not so accustomed to paying for solutions that are so costly. It's been really tricky to sell and make a margin off of the sale as a reseller.

In terms of the exact cost, it depends on the features. It also depends on the size of the customer. In the ballpark, we're talking about $30K, $50K, and up. It can even be as much as $50K or $100K.

You could have a customer that's paying $50K over three years. Then, as a reseller, you have an extra margin that you have to add.

We are not necessarily using the latest version of the solution right now. 

It's totally different from any other solution a customer may have used. You have visibility, and it will find anything that you miss with other solutions. I would advise new users to start using it as soon as possible. Buy it. It's totally better than other solutions.

I'd rate the solution nine out of ten.

Darktrace learns patterns and can identify malicious behavior based on that learning. It learns what tasks users perform, what data they access, and similar activities. Unlike an EDR, which uses patterns and signatures to identify existing threats, Darktrace uses AI to learn and recognize patterns. This provides a different approach to monitoring and detecting anomalies. 

Pricing could be cheaper.

I have been using Darktrace as an end user for three years.

I rate the solution’s scalability a ten out of ten.

The initial setup is straightforward and takes a couple of hours.

We did in-house because we've got skill levels, but differently depending from time to time, depending on

The benefit is the security. You probably have a security case, an alarm system, and one or two locks. You don't rely on one security device; you have different layers. Darktrace is just one of those layers.

It is very expensive.

I rate the product’s pricing a ten out of ten, where one is cheap and ten is expensive.

I am the sole administrator and monitor of Darktrace because we have a small IT team. However, Darktrace monitors our entire organization. In a larger company with many IT departments, multiple people might monitor Darktrace and engage with it. Our finance company has a small IT department.

Darktrace adapted to the evolving landscape of cybersecurity threats by leveraging proprietary technology and machine learning algorithms. Their unique approach and cutting-edge solutions have established them as a leading company.

It's difficult to gauge the effectiveness of Darktrace because we don't fully understand how it operates; we only see the alerts it generates. If we create an event on the network, Darktrace will alert us so we know it works in those scenarios. If something new and unknown happens on the network, it's unclear whether Darktrace will detect it. We're paying a lot of money, hoping it does, as Darktrace is a proprietary technology. It might work, or it might not detect some threats. We don't have full visibility or a map of its coverage.

Darktrace can be expensive, depending on the use case. It's like comparing different types of cars: some people need a two-seater, while others need a ten-seater. Darktrace is more like a seven-seater—very specific and not suitable for everyone. 

Overall, I rate the solution an eight out of ten.

We were trying to justify Darktrace, and I was starting to do an analysis of the different solutions. We did a POC and haven't made a decision as to if we will use it or not.

We were just trying to validate their claims of AI-driven preventive network issues. They showed us a number of things, and we were able to show or verify that, yes, the things that they pointed out we were glad they caught. Nothing turned out to be a true intrusion, however, the stuff that they showed us were things that we were happy to see on our network. They discovered traffic on our network that was anomalous. We were just looking to see if they could point us to anomalous traffic, and they did.

We liked their approach to identifying intrusions or network anomalies using AI.

We liked their interface and the graphics that they deployed to present the information. It was really good, and we were happy with the overall quality of the product, which was very, very robust.

The implementation was easy.

We didn't really notice any downsides to the product. We were very impressed with it. It was a matter of timing and cost. Upper management wasn't sold on the value proposition.

We had demoed Darktrace for a few months.

It ran pretty fast. Its interface was quick, and it did not impact our network traffic. It didn't slow down anything on our network. It was stable. 

We had a sense that it was going to handle our network without many problems. We have a few hundred endpoints of all types, and there was no problem. We had three users on the solution. 

Since we weren't really entirely familiar with the product we were, I'd say we were probably using 10% to 20% of its capabilities.

When we originally initially configured and set it up, we used some support, and we were happy with them. We thought they were very confident and good.

We haven't demoed anything else before or since. 

The initial setup was actually pretty easy, as I recall. The hardest thing was finding space on our rack. That said, once we had that up and running, it was pretty straightforward.

We needed one or two people to deploy the solution. Two and a half people were on the deployment full-time. 

We did the deployment on our own, with Dartrace assisting us remotely. 

We only demoed the solution for a few months and therefore did not witness an ROI. 

The cost was reasonable. They were pitching us a five-year contract at a fairly reduced rate annually. The product cost was on the lower side. I'd rate it a two or three out of five in terms of the expense involved. There were no hidden or extra fees involved. 

We started looking at some other things yet didn't really dig very deep. When we were initially looking at Darktrace, they were the only game in town for us. They seemed to be unique after the fact.

We were end-users. 

I'd rate the solution an eight out of ten.

Darktrace is an appliance that has been installed in our network, and it is connected to the database SaaS applications and they're collecting the data from there.

We are using Darktrace for tracking our network and if any suspicious activity happens, we will be notified or we can check it on our tenant.

The most valuable features of Darktrace are its full capabilities. You have visibility of everything.

Darktrace could improve by being more user-friendly.

I have been using Darktrace for approximately six months.

Darktrace is stable.

The scalability of Darktrace is good.

We have approximately 350 users using the solution in my company. Everyone is using it.

The support from Darktrace is responsive and speedy.

I rate the support of Darktrace a nine out of ten.

Darktrace is simple to install and the full process took approximately three weeks.

The deployment of Darktrace was done by the vendor.

The price of Darktrace is high and could be reduced. We pay approximately $30,000 to $54,000 annually.

The cost of the solution is high making it an issue for smaller companies. We are a small organization and it is difficult to afford. We are not a large organization. For this reason, the solution's price must be reduced. Having 350 users is not a large organization. It's a small organization and paying approximately $30,000 to $54,000 annually, is a lot. However, sometimes we had too many services to have more visibility and be secure, this is the idea why we went with Darktrace without negotiating the prices.

I recommend Darktrace to others, it is a helpful service you will have full visibility of what's happening on your network, emails, and SaaS applications.

I rate Darktrace an eight out of ten.