We just raised a $30M Series A: Read our story

Compare Awake Security Platform vs. Vectra AI

Cancel
You must select at least 2 products to compare!
Awake Security Platform Logo
4,174 views|1,554 comparisons
Vectra AI Logo
13,736 views|6,470 comparisons
Featured Review
Find out what your peers are saying about Awake Security Platform vs. Vectra AI and other solutions. Updated: November 2021.
554,382 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The security knowledge graph has been very helpful in the sense that whenever you try a new security solution, especially one that's in the detection and response market, you're always worried about getting a lot of false positives or getting too many alerts and not being able to pick out the good from the bad or things that are actual security incidents versus normal day to day operations. We've been pleasantly surprised that Awake does a really good job of only alerting about things that we actually want to look into and understand. They do a good job of understanding normal operations out-of-the-box.""It gives us something that is almost like an auditing tool for all of our network controls, to see how they are performing. This is related to compliance so that we can see how we are doing with what we have already implemented. There are things that we implemented, but we really didn't know if they were working or not. We have that visibility now.""The interface itself is clean and easy to use, yet customizable. I like that I can create my own dashboards fairly easily so that I can see what is important to me. Also, the query language is pretty easy to use. I haven't needed to use it a ton, but as I need to go in and do different queries based on their requests, it has been fairly simple to use.""We appreciate the value of the AML (structured query language). We receive security intel feeds for a specific type of malware or ransomware. AML queries looking for the activity is applied in almost real-time. Ultimately, this determines if the activity was not observed on the network.""The most valuable portion is that they offer a threat-hunting service. Using their platform, and all of the data that they're collecting, they actually help us be proactive by having really expert folks that have insight, not just into our accounts, but into other accounts as well. They can be proactive and say, 'Well, we saw this incident at some other customer. We ran that same kind of analysis for you and we didn't see that type of activity in your network.'""This solution help us monitor devices used on our network by insiders, contractors, partners, or suppliers. Its correlation and identification of specific endpoints is very good, especially since we have a large, virtualized environment. It discerns this fairly well. Some of the issues that we have had with other tools is we sometimes are not able to tell the difference between users on some of those virtualized instances.""The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we don't necessarily use it just for threat hunting, but we also use it for debugging network issues. We can use it to ask questions and get answers about our network. For example: Which users and devices are using the VPN for RDP access? We can write a query pretty quickly and get an answer for that.""This solution’s encrypted traffic analysis helps us stay in compliance with government regulations. It is all about understanding data exfiltration, what is ingressing and egressing in our network. One common attack vector is exfiltrating data using encryption. My capabilities to see potential data exfiltration over encrypted traffic is second to none now."

More Awake Security Platform Pros »

"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away.""It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra.""It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response.""One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team.""The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day.""It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution...""The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those.""It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."

More Vectra AI Pros »

Cons
"I would like to see the capability to import what's known as STIX/TAXII in an IOC format. It currently doesn't offer this.""One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided this feedback to Awake. My understanding is that this is where some of the AI/ML is, and it hasn't been reliable in correctly identifying which device an activity is associated with. We have also encountered issues where it has merged two devices into one entity profile when they shouldn't be merged. The entity resolution is the weakest point of Awake so far.""While the appliance is very good, and I think they're working on it, it would probably help if they integrated the management team cases into the appliance so that everything we are working on with them would be accessible on our platform, on the dashboard, on the portal. Right now, Awake is just an additional team that uses the appliance that we use and then we communicate with them directly. Communication isn't through the portal.""Awake Security needs to move to a 24/7 support model in the MNDR space. Once they do that, it will make them even better.""When I looked at the competitors, such as Darktrace, they all have prettier interfaces. If Awake could make it a little more user-friendly, that would go a long way.""One thing I would like to see is a little bit more education or experience on AWS cloud for their managed services team. We've explained how we have the information set up, that the traffic coming in goes to the AWS load balancer and then gets sent on to our internal servers... but when I get notices they always tell me this traffic is coming from the IPs belonging to the load balancers, not the source IPs. So a little bit more education for their team about how AWS manages the traffic might help out.""They've been focused on really developing their data science, their ability to detect, but over time, they need to be able to tie into other systems because other systems might detect something that they don't.""Be prepared to update your SOPs to have your analysts work in another tool separately. There are some limitations in the integrations right now. One of the things that I want from a security standpoint is integration with multiple tools so I don't need to have my analysts logging into each individual tool."

More Awake Security Platform Cons »

"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks.""It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability.""The main improvement I can see would be to integrate with more external solutions.""We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events.""Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated.""I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking.""In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment.""One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."

More Vectra AI Cons »

Pricing and Cost Advice
"We switched to Awake Security because they were able to offer a model that was significantly less expensive and the value that we get out of it is higher.""The solution is very good and the pricing is also better than others...""Awake Security was the least expensive among their competitors. Everyone was within $15,000 of each other. The other solutions were not providing the MNDR service, which is standard with Awake Security's pricing/licensing model.""The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at.""The solution has saved thousands of dollars within the first day. Our ROI has to be in the tens of thousands of dollars since October last year.""Awake's pricing was very competitive. It's not a cheap option though. It's an investment to utilize it, but it's one that we decided was worth the cost, with the managed services. At our scale, it was a much better option to utilize their software and their managed services to handle this, rather than hiring another person to be an analyst. It was quite cost-effective for us."

More Awake Security Platform Pricing and Cost Advice »

"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses.""Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links.""Cost is a big factor, as always. However, I think we have a very good price–performance ratio.""We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy.""We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for.""At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money.""From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country.""There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

More Vectra AI Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
554,382 professionals have used our research since 2012.
Questions from the Community
Top Answer: The query language that they have is quite valuable, especially because the sensor itself is storing some network activity and we're able to query that. That has been useful in a pinch because we… more »
Top Answer: The pricing seems pretty reasonable for what we get out of it. We also found it to be more competitive than some other vendors that we've looked at. We paid for the appliances and for the MNDR and the… more »
Top Answer: One concern I do have with Awake is that, ideally, it should be able identify high-risk users and devices and entities. However, we don't have confidence in their entity resolution, and we've provided… more »
Top Answer: Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an… more »
Top Answer: Cost is a big factor, as always. However, I think we have a very good price–performance ratio.
Top Answer: If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation… more »
Ranking
Views
4,174
Comparisons
1,554
Reviews
8
Average Words per Review
2,404
Rating
8.9
Views
13,736
Comparisons
6,470
Reviews
17
Average Words per Review
2,214
Rating
9.0
Comparisons
Also Known As
Awake
Vectra Networks, Vectra AI NDR
Learn More
Overview

Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts.

Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.

Offer
Identify hidden network threats


Your network may have security risks that you don't know about. Schedule a live demo to see how you can use Awake Security to identify and mitigate these threats.

Learn more about Vectra AI
Sample Customers
Coming Soon...
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Top Industries
REVIEWERS
Insurance Company18%
Financial Services Firm9%
Legal Firm9%
Engineering Company9%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider22%
Financial Services Firm5%
Media Company4%
REVIEWERS
Financial Services Firm19%
Retailer19%
Manufacturing Company13%
Mining And Metals Company13%
VISITORS READING REVIEWS
Comms Service Provider26%
Computer Software Company24%
Government6%
Financial Services Firm6%
Company Size
REVIEWERS
Small Business18%
Midsize Enterprise18%
Large Enterprise64%
VISITORS READING REVIEWS
Small Business22%
Midsize Enterprise47%
Large Enterprise32%
REVIEWERS
Small Business18%
Midsize Enterprise6%
Large Enterprise76%
VISITORS READING REVIEWS
Small Business25%
Midsize Enterprise22%
Large Enterprise53%
Find out what your peers are saying about Awake Security Platform vs. Vectra AI and other solutions. Updated: November 2021.
554,382 professionals have used our research since 2012.

Awake Security Platform is ranked 7th in Network Traffic Analysis (NTA) with 8 reviews while Vectra AI is ranked 2nd in Network Traffic Analysis (NTA) with 17 reviews. Awake Security Platform is rated 8.8, while Vectra AI is rated 9.0. The top reviewer of Awake Security Platform writes "The time from finding threats to remediation is almost instantaneous". On the other hand, the top reviewer of Vectra AI writes "Gives us that extra chance to stop a disaster before it happens". Awake Security Platform is most compared with Darktrace, Cisco Stealthwatch, ExtraHop Reveal(x), Corelight and Splunk User Behavior Analytics, whereas Vectra AI is most compared with Darktrace, Cisco Stealthwatch, ExtraHop Reveal(x), Palo Alto Networks Threat Prevention and Corelight. See our Awake Security Platform vs. Vectra AI report.

See our list of best Network Traffic Analysis (NTA) vendors and best Network Detection and Response (NDR) vendors.

We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.