Darktrace: 44,155 views | 29,158 comparisons
Vectra AI: 13,736 views | 6,470 comparisons
Find out what your peers are saying about Darktrace vs. Vectra AI and other solutions. Updated: November 2021.
554,382 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

Darktrace

"Ability to see events and exactly what traffic or website the device had tried to connect to that raised the alert or issue."
"AI analytics are built directly into the product."
"It is very stable and easy to use."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"I particularly like Antigena and the analytics around the real-time monitoring of our network. I also like its reporting because it has got a seven-day reporting period within the system. Every time you run the reports, it gives you the data about the previous seven days. I like that because it is in real-time. I enjoy reading those reports and getting a very clear and decisive idea of what's happening on my network on a real-time basis. I like the actual real-time monitoring of spoofing and things like that. I also like the user monitoring as well as the network logging capabilities."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."

Vectra AI

"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The solution provides visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."

Cons

Darktrace

"I would like to see more protection in the endpoint. Especially because we have a lot of people using VPNs. If they would improve endpoint security, it would give more control there."
"The interface is too mathematical and it should be simplified."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"It can have more integration with orchestration or event management solutions. They can provide more knowledge or research information for analysts for investigating cases and detecting anomalies in networks."
"The solution could be easier to use."
"The product doesn't have an endpoint agent that can react to triggers set on the device."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today," it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."

Vectra AI

"It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"One thing which I have found where there could be improvement is with regard to the architecture, a little bit: how the brains and sensors function. It needs more flexibility with regard to the brain. If there were some flexibility in that regard, that would be helpful, because changing the mode of the brain is complex. In some cases, the change is permanent. You cannot revert it."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."

Pricing and Cost Advice

Darktrace

"When it comes to large installations, it can be expensive, but for small accounts it's fine."
"If you consider the features and the cost of market leaders, we are satisfied with the pricing."
"The pricing is very flexible for Darktrace. Sometimes, a customer does not have the appropriate budget, but Darktrace can handle that. They offer monthly payments, so the customer can acquire the solution very easily."
"The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
"It is a very expensive product."
"This solution is expensive."
"Our customers feel that the price of Darktrace is quite high compared to other solutions."
"It was $3,600 a month or $2,000 plus or so. I am not sure. Its licensing is pretty simple."

Vectra AI

"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The pricing is high."
"At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
"Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
"The pricing is very good. It's less expensive than many of the tools out there."
"From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."

Questions from the Community
Top Answer: Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a…
Top Answer: Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for…
Top Answer: The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in…
Top Answer: Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an…
Top Answer: Cost is a big factor, as always. However, I think we have a very good price–performance ratio.
Top Answer: If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation…
Ranking
Darktrace: Views 44,155 | Comparisons 29,158 | Reviews 19 | Average Words per Review 575 | Rating 8.1
Vectra AI: Views 13,736 | Comparisons 6,470 | Reviews 17 | Average Words per Review 2,214 | Rating 9.0
Also Known As
Vectra AI: Vectra Networks, Vectra AI NDR
Overview

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides enterprise-wide cyber defense to over 4,700 organizations, protecting the cloud, email, SaaS, traditional networks, IoT devices, endpoints, and industrial systems.

A self-learning technology, Darktrace AI autonomously detects, investigates, and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss, and supply chain vulnerabilities.

The company has 1,500 employees globally, with headquarters in Cambridge, UK. Every second, Darktrace AI fights back against a cyber-threat, before it can cause damage.

Vectra® is the leader in network detection and response – from cloud and data center workloads to user and IoT devices. Its Cognito® platform accelerates threat detection and investigation using artificial intelligence to collect, store and enrich network metadata with the right context to detect, hunt and investigate known and unknown threats in real time. Vectra offers three applications on the Cognito platform to address high-priority use cases. Cognito Stream™ sends security-enriched metadata to data lakes and SIEMs. Cognito Recall™ is a cloud-based application to store and investigate threats in enriched metadata. And Cognito Detect™ uses AI to reveal and prioritize hidden and unknown attackers at speed.

Sample Customers
Darktrace: Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol
Vectra AI: Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Top Industries
Darktrace
Reviewers: Financial Services Firm 22%, Government 11%, Real Estate/Law Firm 6%, Comms Service Provider 6%
Visitors reading reviews: Comms Service Provider 25%, Computer Software Company 21%, Government 6%, Financial Services Firm 5%
Vectra AI
Reviewers: Financial Services Firm 19%, Retailer 19%, Manufacturing Company 13%, Mining And Metals Company 13%
Visitors reading reviews: Comms Service Provider 26%, Computer Software Company 24%, Government 6%, Financial Services Firm 6%

Company Size
Darktrace
Reviewers: Small Business 50%, Midsize Enterprise 14%, Large Enterprise 36%
Visitors reading reviews: Small Business 23%, Midsize Enterprise 24%, Large Enterprise 52%
Vectra AI
Reviewers: Small Business 18%, Midsize Enterprise 6%, Large Enterprise 76%
Visitors reading reviews: Small Business 25%, Midsize Enterprise 22%, Large Enterprise 53%

Darktrace is ranked 1st in Intrusion Detection and Prevention Software (IDPS) with 21 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 17 reviews. Darktrace is rated 8.0, while Vectra AI is rated 9.0. The top reviewer of Darktrace writes "A 10/10 solution with an awesome interface, good stability and scalability, flexible pricing, and good support". On the other hand, the top reviewer of Vectra AI writes "Gives us that extra chance to stop a disaster before it happens". Darktrace is most compared with CrowdStrike Falcon, Cisco Stealthwatch, SentinelOne, ExtraHop Reveal(x) and FireEye Endpoint Security, whereas Vectra AI is most compared with Cisco Stealthwatch, ExtraHop Reveal(x), Palo Alto Networks Threat Prevention, Awake Security Platform and Corelight. See our Darktrace vs. Vectra AI report.


We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.