TrustRadius: an HG Insights company

Darktrace

Score9 out of 10

75 Reviews and Ratings

Get a Demo

What is Darktrace?

Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.

Categories & Use Cases

Reviews

What users are saying about Darktrace.
View all reviews

detects anomalous network activity

Incentivized
Verified User
Manager in Information Technology (201-500 employees employees)

Use Cases and Deployment Scope

We use Darktrace's NETWORK and EMAIL services to monitor for and act upon anomalous activity. Their use of AI algorithms allows the detection system to instantly halt all threatening traffic. In addition, the EMAIL service uses similar technology to weed out malicious email, perform email link locking and blocking, and more to keep your users and network safe.

Pros

  • detects anomalous network activity
  • automatically act on detected threats
  • email link locking
  • email link blocking

Cons

  • The dashboard offers a lot of data but can also be very confusing to use
  • Tooltips for icons could be more detailed

Return on Investment

  • They will negotiate on pricing if you're insistent
  • Expect 5%+ price increase for each year across the contract

Usability

Alternatives Considered

Palo Alto Networks Advanced Threat Prevention, Palo Alto Networks Advanced URL Filtering and Palo Alto Networks Cortex XDR

Other Software Used

Palo Alto Networks Cortex XDR, Palo Alto Networks Advanced Threat Prevention, Palo Alto Networks Advanced URL Filtering

Darktrace Threat Identification and Analysis

Incentivized
Verified User
Director in Information Technology (51-200 employees employees)

Use Cases and Deployment Scope

We installed Darktrace to scan our network traffic to identify anomalies and potential threats. The install was reasonable as the device just requires a TAP port. (I recommend giving it the fastest tap you can.) The device learned for a few weeks and then switched into identification mode, altering us to non-standard activity.

Pros

  • Network scanning
  • Anomaly detection
  • Threat alerting

Cons

  • The system has so many features and places to tweak we found it hard to tune for our use.
  • We met regularly with someone from Darktrace to assist us in processing the alerts
  • The process for mail scanning requires you to reroute mail traffic

Return on Investment

  • There were a few critical times where the network scanning identified the source of issues we suspected, but could not pin down
  • At least one time the device provided detailed information we would not have found any other way

Usability

Alternatives Considered

Sophos Managed Detection and Response

If you want to unleash the Power of AI for Threat Detection, go for Darktrace

Incentivized
Verified User
Professional in Information Technology (51-200 employees employees)

Use Cases and Deployment Scope

We have been using Darktrace for Threat Detection, Network Visibility, Antigena features/PREVENT for automated responses and to be in compliance. It's AI and ML capabilities to continuously monitor network traffic and user behavior are exceptional. It gives an in-depth visibility to our network. We have integrated it with Microsoft365 for Emails which helps detect phishing emails, malicious attachment blocking, spam filtering and malicious link blocking.

Pros

  • It detects anomalies or deviations from this baseline, it can raise alerts or take automated actions to investigate and mitigate the issue.
  • It's "Antigena" feature can take automated actions in response to detected threats. You can have antigena for both network and emails and the system will do the blocks at it's own
  • It integrates with Microsoft365 to identify and respond to email-based threats, including phishing attempts and malicious attachments.

Cons

  • Whitelisting email or IP are not straight forward
  • Although the GUI is great but it's too complex
  • If filters can be easier to implements

Most Important Features

  • Antigena for network
  • Antigena for Email
  • Malicious link blocking
  • Machine learning model

Return on Investment

  • Positive impact: Early Threat Detection
  • Positive impact: Reduced Manual Effort
  • Positive impact: Compliance Assistance
  • Positive impact: Improved Incident Response
  • Positive impact: Reduced Downtime
  • Negative impact: Training and Skill Requirements
  • Negative impact: False Positives
  • Negative impact: Implementation Costs

Alternatives Considered

Symantec Advanced Threat Protection and Palo Alto Networks Next-Generation Firewalls - PA Series

Other Software Used

Palo Alto Networks Next-Generation Firewalls - PA Series, Microsoft 365, AWS Backup

Darktrace threat visualizer, leading NDR solution with peace of mind.

ROBERT OFOLI KWEIView profile
Senior Security Specialist in Information Technology at Consolidated Bank Ghana Limited (5001-10,000 employees employees)

Use Cases and Deployment Scope

The Darktrace's Threat Visualizer leverage an enterprise immune system technology to detect and respond to network activity in a way that is intended for use by security operation centres, threat analysts, and network security experts. Business problems Darktrace helps us address; -
  • The Threat Visualizer employs the underlying AI models to dynamically detect threats that are actually abnormal in the increasingly complex threat landscape, enabling us at the SOC to concentrate attention and expertise where it is needed.

  • The Threat Visualizer gives us a visual representation of all network activity and connections—both internal and external—between all machines and users, allowing us to observe how the network is flowing.
  • It functions on a broad scale, highlighting various hazards and anomalies for the analyst's attention, and on a more specific one, enabling you to drill down.

Pros

  • Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
  • Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
  • Darktrace comes with it autonomous AI model detection and responses capabilities.
  • Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.

Cons

  • AI detection Model
  • Customisable
  • Improves on the User Behaviour Behaviour analytics model
  • Consistently improve model self learning.

Most Important Features

  • Threat visualizer
  • Self -learning Al model
  • Darktrace UEBA antigen model -
  • Darktrace AI analyst feature.
  • self-quarantine and alerting feature.

Return on Investment

  • It has increase business process
  • Decision making process improvement.
  • Meeting regulator and industry wide compliance.
  • Acquiring industry known business certification.
  • Boost customer confidence .

Alternatives Considered

Cisco Secure Network Analytics

Other Software Used

Cisco Secure Network Analytics, Trellix Detection as a Service, NetWitness Network

Usability

Darktrace Antigena email a good solution to protect corporate email.

Incentivized
Antonio Rodriguez
Information Technology Audit Manager in Information Technology at GDES (201-500 employees employees)

Use Cases and Deployment Scope

We use Darktrace Antigena email to protect our employees from any threat that can arrive by email. Our email provides, does an initial filtering, but not enough to provide a good security solution. Antigena email provides machine speed to analyze and block if necessary, using AI.

Pros

  • Block malicious attachments.
  • Block phishing emails.
  • Provide an awesome security to corporate email.
  • Good analytics and metrics about emails.

Cons

  • Change IU language.
  • Sometimes excessive block (restrictive).
  • Sometimes it takes too much time to remove an email from inbox

Most Important Features

  • Block any threat before it impact you.
  • Good dashboard.
  • Really interesting metrics.
  • Easy to use and integrate with your current email provider.
  • DLP

Return on Investment

  • Protected us from ransomware attacks.
  • Protected us from phishing attacks.
  • Protected us from several malicious campaigns against us.
  • Helps in DLP area, you can see who's sending emails outside organization.

Alternatives Considered

Barracuda Email Security Gateway and Proofpoint Email Protection

Other Software Used

Hyper-V, TeamViewer, Veeam Data Platform Foundation, Rydoo, Adobe Acrobat, VMware Cloud Director, Fortinet FortiGate, ManageEngine ServiceDesk Plus

Related Products

Products similar to Darktrace that may also meet your needs.
All comparisons
Vectra Threat Detection & Response Platform
CompareLearn more
ExtraHop Reveal(x)
CompareLearn more
Sangfor NGAF
CompareLearn more