Darktrace Reviews

Normally, when we have a setup, and I log in with any guest, Darktrace blocks us from remotely logging in from within the office network. It ensures that we cannot remote log in anywhere. It is a security system that identifies hacking attempts. Darktrace also integrates with VirusTotal for verification. Additionally, we use the email protection feature.

Darktrace ensures that we do not have breaches on our systems, and it helps improve our security status before breaches can even reach our system.

The investigative part of Darktrace is valuable, especially the automation features. It allows setting up checks and provides guidance on mitigating situations, which is very useful. There are different modules that you can add to the console for protection.

The Darktrace Mobile app needs improvement as it's currently limited in functionality, and the learning AI takes a while to adapt to new devices, flagging new users as threats for up to a month before recognizing them as regular network users.

I have been using Darktrace for almost a year now.

Darktrace is very stable. I can reliably check logs and track what is happening within the system.

The scalability isn't a high priority for us as it mostly deals with system security. It provides necessary features for security enhancement whenever needed.

The support provided by Darktrace is very good. We had issues with Darktrace Mobile, and they assisted us with a solution, even allowing us to test new features.

Positive

I joined the current company after Darktrace was already in use, so I do not have information on previous solutions.

The initial setup can be rated as a seven out of ten because it involves going into the console and ensuring that the network settings are correctly configured.

Two people are enough for deployment, provided they know the network settings and configurations.

By using Darktrace alongside Mimecast, it has helped improve our security posture by preventing breaches before they reach our system.

I do not have any experience regarding the pricing or setup costs as it was managed by the company administration.

I did not have any information on other solutions evaluated prior to Darktrace as they were in use before I joined the company.

Darktrace is a good product to invest in if you can afford it. It provides excellent security features.

I'd rate the solution eight out of ten.

The solution is a security cover for our on-premises solution to improve our security rating. Also, we want to protect our emails.

It has helped the organization to detect any malware affecting the machines. For example, if any phishing email creates a factory view bug or some of the workstations have some weird activities, or if someone downloaded malware from the internet, then Darktrace sends us a warning notification to look into the details so that our machine does not get involved with the malware. This function has helped our organization.

The network monitoring and the email monitoring features are very valuable for us.

The main portal needs improvement as it is difficult to use. But it's straightforward to follow compared to other VPN portals, for example, Azure. You don't have to bug the customer support team quite often.

They can add the EDR and follow-up options in the next release. For instance, if something happens, we get a notification. If a follow-up option is available, we can create a case and then understand how to record the evidence.

I have been using Darktrace for one year.

It is a stable solution. I rate it nine out of ten.

It is a scalable solution. I rate it a nine out of ten. Presently, 150 users are using the solution, and we wish to increase the number of users in the future.

The technical support team is slow, but not that bad. I rate it eight out of ten.

Positive

I do not know much about it, as an engineer from Darktrace did the setup for us.

The engineer from Darktrace set it up about two years ago.

There has been a return on investment using the product.

We pay 8,000 a year. The pricing is reasonable.

If any company has enough budget to put another layer between the internet and the on-prem device, they should consider Darktrace.

I rate the product a nine and a half out of ten.

We were testing the solution to see its network detection response capabilities. 

We had an okay experience with the product and didn't really have any issues. 

The Antigena feature is very useful.

It is stable. 

The product can scale. 

Support so far has been helpful and responsive. 

I don't have any specific issues with the solution. We are still in the early phase of analyzing the product.

The cost is a bit on the higher side. We'd like it to be less expensive. 

We were using the solution. In the past month, we stopped using it. We used it for three months.

We're just trying the solution. We had meetings. We were testing it. Nothing is finalized.

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze. 

It is scalable. However, it varies on a case-by-case basis. 

We have four people working with the solution in our company right now. They are in the IT department. 

We did speak to technical support and found them to be very helpful and responsive. 

I did not handle the setup process. We had a vendor come in and set it up and handle the whole process. 

The vendor set the solution up with us. 

The cost is a little high.

We've budgeted about 50,000 Kuwaiti dinars for the solution. That is a yearly operating cost.

We're busy with some different projects and we wanted to evaluate different products as well on the same technology. We looked into, for example, Check Point EDR and options like Crowdstrike.

We're a potential end-user. We tested the solution. We just tried different scenarios to see what would suit us. We were testing it and will still go ahead with testing. The testing is not yet complete. We've put it on hold for now; however, we will still continue testing in the coming days.

I'd rate the solution eight out of ten.

I'd advise potential new users that they should definitely give it a try; however, the price is on the higher side. Darktrace has to consider lowering its price.

Our use cases for Darktrace are intrusion detection in the complete network, including for all the devices connected, detection, emails, email spoofing, and supply chain attacks.

The most valuable Darktrace feature is the cloud protection for all the cloud services, OneDrive, and all the things related to that.

Darkforce could be improved in the range of the interface; how to interact with the actions it's taking or not taking.

I have been using Darktrace for about a year now. 

Darktrace is stable. 

Darktrace is scalable.

The initial setup was quite straightforward. It took us between two and six months. We got shipped an appliance and installed it in the data center. It then started collecting data. We had a few reviews of what it was collecting and what it would do. There was a test phase after which we enabled it, part by part, following a series of reviews.

Right now, 350 users are affected by Darkforce in our organization. It exists in the background, so they are not actively using it.

One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself. You need to review what it's doing every now and then. You may, for example, need to release an email that was blocked for some reason, but it's quite low maintenance overall.

You do not need an engineer to manage it. It can be managed by a manager as doing so is not super technical. You always have access to Darktrace support, which means their engineers are available help you with the more complex stuff.

Our deployment was done by Darktrace themselves, but they have some partners that also do it. Once you are up and running, you can deploy any additional appliances by yourself.

This is a difficult question and one that was asked of us by the higher ups, but you have to compare the cost with what would happen if there was a breach. It is difficult to articulate a return on investment in hard numbers, but I can see that Darkforce deflects typical attacks and protects users.

I cannot be completely sure what the license cost but it is on a per-user basis. I handle the technical side, so I do not have insight into how much we are paying for it exactly.

I would surely recommend Darkforce. The price might be quite high, but it is really worth it.

We primarily use the solution for network detection and response.

Antigena is the most valuable due to the reduction in terms of the mean time to respond.

The solution can scale.

It's reliable and stable. 

Technical support is great.

The pricing is good. 

The initial setup is a bit complex. 

It's quite a good product. However, I'd love them to see maybe covering the cloud a bit more. We'd like a cloud version. For example, FortiGate firewalls now have virtual firewalls that you can just install, as well as the cloud. They can drive it with Microsoft, and Microsoft can maybe provide technology that would allow Darktrace to work seamlessly in the cloud. 

I've used the solution for almost two and a half years. 

The solution is stable. It's reliable. 

The solution is very scalable. You can also install it in a Citrix environment very easily.

The whole security team has access to it. That said, I have the most hands on in terms of the product. Five or six people use the solution.

Technical support is great. They come from the UK and they came out to Africa to meet us personally. The engineers are always available. Their resellers are supportive. Even to this day we still run through weekly meetings.

We consume quite a lot of products from Darktrace, so we have a few. We got that Darktrace Network, Antigena, Cloud Sales, and AIS integrations, et cetera.

This is my first time working with an NDR that has AI and machine learning.

From a networking perspective, it is a bit complex since we sort of have to keep an end tab on the network for network log ingestion, flow ingestion, and all of that.

The implementation took about two months or so.

We did the implementation with the help of a technician from Darktrace and a reseller. I'd rate their assistance a ten out of ten. They were great.

The pricing is reasonable. I'm not sure of the exact costs. However, they are not that expensive. We pay annually.

I did not compare the solution to other options, although I did look into Cisco Secure Network Analytics.

I'm an end-user.

It's quite a good tool. They've worked hard to be the top security control in terms of AI and machine learning, and their product works well. Cisco would not match up. Maybe Palo Alto Cortex could do what they do. Cisco is not a security house, even though they have the networking knowledge and all of that. Most of their products are only now catching up to cybersecurity.

I'd rate Darktrace ten out of ten.

The solution automatically monitors everything on the network to prevent anti-phishing by monitoring, responding, and restoring the system. It prevents data excavation.

The most valuable feature is that it works autonomously. So you only need to look at the exceptions.

The solution can improve the reporting. Currently, it only runs weekly and the reporting is complex. It is more of a network monitoring system, basically AI.

I have been using the solution for four years.

The solution is stable and solid.

The solution is scalable and designed to be enterprise-wide.

Previously we used Intercept X which is more at the virus level endpoint, but Darktrace is an overall network and phishing solution.

The initial setup did not appear complex.  

The implementation was completed by a vendor technician. The setup was simple and took a couple of hours.

The solution is about $6,000 per quarter.

I give the solution ten out of ten.

Our organization has about 50 nodes and there is no maintenance involved because it is self-maintaining. I recommend the solution, it is better than SIM.

We use Darktrace to analyze our network traffic.

Darktrace is a good product, although it depends on how much time you put into it.

The models, triggers, and alerts are customizable.

The initial setup is more complex and time-consuming than some solutions.

I have been working with Darktrace for more than a year.

Darktrace is quite stable, but potentially expensive.

The vendor has different options for scaling. I use the appliance; they also offer a cloud service but I prefer the appliance. I put it between the router and the core switch and it picks up all of the traffic.

The technical support is better than Check Point. They respond more quickly.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace requires a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. In general, it's more sophisticated. As far as getting the settings and the configuration and the models that you want, it would help if you spent some time on that. We're a small team. It's beneficial to me and I can see that with more time and energy put into optimizing it and personalizing the unit, it can be much more powerful than the way I am using it now. That said, it's my secondary device. We're working on a lot of different projects, so I haven't assigned any of my guys to it yet. Ultimately, when it's fully integrated, it may end up being as useful as the Check Point.

The reason I keep all three is that they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike and worked with Symantec.

You have to customize it to the way you want, in order for it to work best for your environment. Definitely take time to train while you can during deployment.

Some things do work well, out of the box. However, this would be better suited for somebody that can take the time to configure it correctly during deployment.

Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

My advice for anybody who is implementing Darktrace is that you definitely need to take your time. Sit down and understand how to use the model breach customization. They use models and if something hits that model, it triggers an alert.

I would rate this solution a six out of ten.

Darktrace is used for detecting network-based threats like ransomware in the early stage or illicit communications with external endpoints.

A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time. Data acquisition is the source rather than tapping the data downstream after some processing.

Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection. They could thereby have a more holistic knowledge of the system through network information or through visibility into the operating system of the endpoints.

I have been working with Darktrace for four years.

Darktrace is a very stable solution.

Darktrace is a very scalable solution. Our clients for Darktrace are enterprise customers.

The solution’s technical support is very good.

Positive

The solution’s initial setup is very straightforward.

The solution's deployment time depends on the complexity of the network. For some huge networks, you need to tap the right resources and measure the system to acquire all the required traffic. The deployment is very straightforward in smaller networks where you have to connect to only one switch.

Darktrace is quite an expensive solution. Users need to pay a yearly licensing fee for the solution.

Darktrace has improved our client's organization's threat detection and response capabilities. Darktrace has helped users intercept and stop ransomware attack attempts in the very early stage, within a couple of minutes of its detection Autonomous response is a very good and useful feature that differentiates Darktrace from other solutions.

One person can easily maintain the solution. Darktrace easily integrates with our client's IT infrastructure solutions, like Microsoft 365, CrowdStrike, and Palo Alto firewalls. Darktrace has impacted our clients' incident response time to be very quick.

Darktrace is an autonomous solution. Users have to ensure they present all the traffic to the tool so it can intercept threats and not have hidden spots in their networks.

Overall, I rate Darktrace a nine out of ten.