Vectra AI Reviews

Name: Vectra AI
Brand: Vectra AI
Rating: 4.3 (45 reviews)

Vendor: Vectra AI

4.3 out of 5

45 reviews
97% willing to recommend

2,250 followers

Start review

What is Vectra AI?

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Get the Vectra AI Buyer's Guide and find out what your peers are saying about Vectra AI, Darktrace, Splunk User Behavior Analytics and more!

Vectra AI is the #2 ranked solution in top Network Detection and Response (NDR) solutions, #3 ranked solution in top Intrusion Detection and Prevention Software, #6 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #10 ranked solution in top Identity Threat Detection and Response (ITDR) solutions, and #15 ranked solution in XDR Security products. PeerSpot users give Vectra AI an average rating of 8.6 out of 10. Vectra AI is most commonly compared to Darktrace: Vectra AI vs Darktrace. Vectra AI is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.

Helped 849,686 peers since 2012

Featured Vectra AI reviews

Mohammad Alkurdi

Owner at Fortibits

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

reviewer1439937

Operational Security Manager at a financial services firm with 1,001-5,000 employees

Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM. I am in contact with the Vectra team, if not weekly then on a monthly basis, to propose improvements. For the time being, the main improvement I can see would be to integrate with more external solutions. Since Vectra provides an API, that should be quite easy to handle. For example, we're using an open source ticketing system within our team and I want to have it handled properly by Vectra. We'll go forward on that with the API. Another area for improvement that I have pinpointed is that the Office 365 solution and the Detect solution cannot match the same users. That means we have two "different worlds" currently, the world from Office 365, which is bringing alerts based on users' emails and email addresses. And we have the network world, which is bringing an Active Directory view. On the one hand we are seeing emails or email addresses, and on the other hand we are seeing things like logons on to the domain controller. From time to time, it does not match and the tool cannot currently cross-check this info and consolidate everything. I would like to be able to see that detection related to one workstation and covering a user: what he is using, what services he is using, and what he did with his Office 365 and configuration. That would help. Another major feature would be to have all logs pushed to Cognito Detect, and all these logs should be also pushed to Recall. Currently, within Recall, I can't call up the Office 365 detections and I would love to do so. The last point would be an automated IoT threat feed consumption by the tool.

Read full review

Dave Wallace

Operations Manager at a healthcare company with 51-200 employees

An attractive thing about Vectra AI is the AI component that it has over the top of the detections. It will run intelligence over detections coming across in our environment and contextualize them a bit and filter them before raising them as something that the IT team or SOC need to address. While the device itself is deployed on-prem, the hybrid nature of what it can monitor is important to us. Its ability to group detections for us in an easier way to better identify and investigate is beneficial. It also provides detailed descriptions on the detection, which reduces our research time into what the incident is. There are also some beneficial features around integration with existing products, like EDR, Active Directory, etc., where we can get some hooks to use the Vectra product to isolate devices when threats are found. On a scale of good to bad, Vectra AI is good at having the ability to reduce alerts by rolling up numerous alerts to create a single incident or campaign for investigation. My frame of reference is another product that we had beforehand, which wasn't very good at this side of things. Vectra AI has been a good improvement in this space. In our pretty short time with it so far, Vectra AI has done a lot to reduce the noise and combine multiple detections into more singular or aggregated alerts that we can then investigate with a bit more context. It has been very good for us. There is a level of automation that takes place where we don't have to write as many rules or be very specific around filtering data. It starts to learn, adapt, and automate some of the information coming in. It works by exception, which is really good. Initially, you get a little bit more noise, but once it understands what is normal in your environment, some of the detections are based on whether an action or activity is more than usual. It will then raise it. Initially, you are getting everything because everything is more than nothing, but now we are not getting much of that anymore because the baseline has been raised for what it would expect to see on the network. We use the solution’s Privileged Account Analytics for detecting issues with privileged accounts. Privileged accounts are one of the biggest attack vectors that we can protect ourselves against. This is one of the few solutions that gives you true insight into where some of those privileged accounts are being used and when they are being used in an exceptional way. We have found that Vectra AI captures network metadata at scale and enriches it with security information. We have seen that data enriched with integrations has been available and implemented. This comes back to the integration of our EDR solution. It is enriching its detection with existing products from our EDR suite, and probably some other integrations around AWS and Azure. In the future, we will see that improve even further. One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.

Read full review

Vectra AI mindshare

Product category:

As of May 2025, the mindshare of Vectra AI in the Intrusion Detection and Prevention Software (IDPS) category stands at 11.3%, up from 11.0% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

PeerResearch reports based on Vectra AI reviews

Type	Title	Date
Category	Intrusion Detection and Prevention Software (IDPS)	Apr 30, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2025	Download
Comparison	Vectra AI vs Darktrace	Apr 30, 2025	Download
Comparison	Vectra AI vs Check Point IPS	Apr 30, 2025	Download
Comparison	Vectra AI vs Fortinet FortiGate IPS	Apr 30, 2025	Download

Title	Rating	Mindshare	Recommending
Darktrace	4.1	19.4%	94%	79 interviews Add to research
Splunk User Behavior Analytics	4.1	2.0%	100%	23 interviews Add to research

Valuable Features

Vectra AI's most valuable features include its ability to accurately pinpoint threat locations, reduce alert fatigue by consolidating numerous alerts into actionable incidents, and provide visibility across the attack lifecycle. Users benefit from AI-driven threat prioritization, anomaly detection, and integration with tools like Office 365. The system's high-fidelity alerts, intuitive interface, and real-time response capabilities enhance threat detection, management, and efficiency for security teams.

"Using this tool for automation has provided more benefits to our processes."
"There are many detection features available."
"Most of their use cases, including deployment, are managed by the tool itself, requiring less manual input from our team."

Room for Improvement

Vectra AI users cite the need for improved integration with third-party tools. Their syslogs require enhancement to provide more data. Flexibility in architecture and better customization features are essential. They experience limited visibility due to its network-based design and seek broader detections. Discrepancies in user and device recognition, reporting insufficiencies, and false positives are concerns. Users desire proactive threat responses and better licensing models, along with enhanced support and documentation.

"Multiple appliances are required for Vectra AI, making it less convenient compared to competitors."
"The advantages of the integration are not entirely out-of-the-box. You have to do it manually."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."

ROI

Many note that Vectra AI improves efficiency and visibility, reducing response time to threats and potential financial impacts. Users appreciate decreased workloads and faster data analysis. Some admit ROI is hard to quantify, though many acknowledge risk mitigation as a key return. Several mention notable savings in incident response times, while others emphasize its importance in preventing costly breaches. Many agree Vectra AI provides a significant return compared to other tools.

Pricing

Vectra AI pricing is perceived as high but competitive within the enterprise market. Users frequently cite the complexity of its licensing model, which is based on factors like IP addresses and data throughput, as challenging. While some additional features such as Cognito Recall incur extra costs, users appreciate the flexibility to choose components. Ultimately, its cost is justified by the value provided, though it may be inaccessible for smaller organizations or sectors like education.

"The solution's pricing was 50 percent lower than the other vendors shortlisted."
"The licensing is on an annual basis."
"Vectra AI's pricing is cheaper than that of Darktrace."

Popular Use Cases

Organizations use Vectra AI primarily for enhanced visibility into network traffic to identify malicious activities quickly. It helps detect anomalies and breaches, facilitating investigation and response. Deployed both on-premises and in the cloud, it offers network analysis and threat identification, serving as an additional security layer. Vectra AI aids in monitoring east-west and north-south traffic, ensuring compliance and security policy enforcement across expansive networks with diverse environments.

Service and Support

Vectra AI's customer service is consistently praised for its rapid and effective technical support. Customers appreciate their responsiveness and expertise, with staff often addressing issues swiftly and efficiently. They note prompt follow-ups, knowledge in cybersecurity, and a proactive approach to problem-solving. Regular updates and incorporation of customer feedback into features are common, reflecting a commitment to improvement and satisfaction amidst their company's growth. Communication and personalized support stand out as key strengths.

Deployment

Customers found Vectra AI's initial setup straightforward. Implementation often involved straightforward steps, and deployment took anywhere from days to a couple of weeks depending on complexity and organizational needs. Users noted that the process benefited from strong support and documentation. Challenges included determining architecture and integration details, but most found the configuration manageable. In some cases, internal scope changes affected timelines more than any issues with the technology itself.

Scalability

Vectra AI offers impressive scalability, handling substantial network traffic across various environments. Organizations can deploy numerous virtual sensors while maintaining performance, with flexibility to scale by adjusting hardware as needed. Many clients find it scales effectively with cloud and on-premise deployments, supporting diverse user counts and infrastructure sizes. Planning is crucial for optimal scalability; capacities can be increased with additional sensors when necessary. Some suggest improvements for streamlined architecture and enhanced capacity management.

Stability

Vectra AI is praised for its stability, with many noting it has never crashed or had major issues. Users appreciate its reliability, automatic updates, and ease of maintenance. Most report minimal downtime and efficient performance, with stability being a key strength. Despite initial hardware glitches, these were swiftly resolved. Some encountered bugs, but nothing significant. A few users reported minor issues like latency, but consider Vectra AI robust and reliable.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Vectra AI Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

Government

Healthcare Company

University

Retailer

Comms Service Provider

Educational Organization

Real Estate/Law Firm

Non Profit

Insurance Company

Legal Firm

Energy/Utilities Company

Construction Company

Outsourcing Company

Transportation Company

Media Company

Wholesaler/Distributor

Writing And Editing Position

Hospitality Company

Performing Arts

Recreational Facilities/Services Company

Pharma/Biotech Company

Consumer Goods Company

Marketing Services Firm

Compare Vectra AI with alternative products

Learn more about Vectra AI

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Vectra AI was previously known as Vectra Networks, Vectra AI NDR.

Vectra AI customers

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association