Darktrace
What Is Darktrace?
Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting organizations from unknown threats using its proprietary AI that learns from the unique patterns of life for each customer in real-time. The Darktrace ActiveAI Security Platform™ delivers a proactive approach to cyber resilience with pre-emptive visibility into security posture, real-time threat detection, and autonomous response – securing the business across cloud, email, identities, operational technology, endpoints, and network. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 200 patent applications filed. Darktrace’s platform and services are supported by over 2,400 employees around the world who protect nearly 10,000 customers across all major industries globally.
Who Uses Darktrace?
Scales to organizations large and small, in any industry. No limit to devices, users, accounts, or mail flow. Built for Enterprise, Government, Critical Infrastructure, and SMB.
Reviews of Darktrace
Darktrace Review
Pros:
Rapid Time for Detection and Response: Darktrace's real-time threat detection and response capabilities assist my organization in shortening the period of time needed to identify and address cyber attacks. My Security team can avert possible harm and condense the scope of a security incident by quickly responding to risks when they are first identified.
Cons:
False Positives: Like any cybersecurity solution, Darktrace could produce false positive alerts, which are signals that seem to indicate a potential threat but actually turn out to be harmless. It may be necessary to continuously monitor and modify the solution to prevent false positives while making sure that actual threats are accurately detected.
Dark Trace AI to protect your network
Comments: It is a good product with its AI engine and is capable of learning the network. It is more helpful for identifying ongoing threats and during forensic investigations. Easy to deploy and configure. Once plugged in with an IP address it can be used. Interfaces are nice and provide a detailed view of incidents. It needs improvements in reporting capabilities. When you cannot centrally log traffic, cost will be higher since each and every location needs a separate appliance.
Pros:
Device installation is very easy and no advanced configuration needs to be done. Darktrace can learn the network traffic behavior and alert you when deviations occur. The portal has good learning materials and case studies. Support is quite fast and you will get an update within an hour when you open a ticket. It provides packet captures, which can be downloaded for forensic analysis. A mobile version is available. Models can be customized and can be created according to the network behavior of the organization. Custom rules can be configured.
Cons:
During the initial implementation there is a higher number of false positives and you need to manually tag those. Some legitimate traffic is detected as a threat. It needs more fine-tuning. The device doesn't have a mechanism to alert when traffic stops flowing to the device. You need to manually check the receiving traffic on interfaces. If you cannot send traffic to a central location, each individual location should have an appliance to get total visibility of the network. Reports are very limited and need more improvement.
Powerful product with a lot of changes needed
Comments: I would rate Darktrace as 4/10. For me a product that gives accurate readings and good reporting features is extremely important which is missing in Darktrace.
Pros:
No doubt Darktrace is a powerful addition to your environment. The capability of ingesting and correlating the entire network traffic is superb. Darktrace correlates logs to the breach models and gives timely alerts whenever a model is hit. Plus, while working on a breach, you can discuss it with your colleagues using their copy to clipboard functionality. Like most EDR, it not only helps you to take a pcap of the traffic, you can also moving view the traffic and pattern that is a few days old.
Cons:
It requires a regular health check. The major issue with our deployment is that when you try to check an asset's logs, Darktrace takes the entire /24 range and gets confused between assets, which ends up giving false logs. Plus, the advanced search functionality is not very well defined. The lack of reporting also makes it a bit challenging.
You may not get it at first, because of your training with Antivirus
Comments:
I am ensuring that my network and devices are safe, or at least they can account to me about what they are doing...! I know this sounds weird, but with Darktrace it seems like the systems are telling me what they did or what they are doing.
Feel like the way to go.
Pros:
The detection features are extremely useful; it is what the busy IT/Security or even advanced pro user will want to see as time progresses over his corporate network. The details are in your face, similar and somewhat like what you see in the movies. This makes you rethink what you believe that you know, from what is actually happening on your network and to your devices.
Cons:
It costs an arm and a leg for a small business but it does provide the value for money. If you are not into the whole - cyber security thing! but know that 1 good expert delivers services for 120K per annum, then this is a package of excellent experts for the same price range of 1 expert. I think the offer should be a little bit more considerate of smaller organizations and their tight budgets; having the various offers as add-ons can quickly bring up the bills. First there is the base software - with one price. Have Office365, then you have to add on.....
AI machine learning with models and advanced search capabilities
Comments: Great - but when we lost our main support person a year ago (She was promoted), it's been a small bit more tedious to get answers immediately. Cybersec is a fast world.
Pros:
Advanced Search lets us dig into the exact 5W's. It also lets us recreate packet captures for network troubleshooting. The iOS app is great and lets us remotely get notified and handle any manually required situations that do not fall under our autonomous scope of actions.
Cons:
The app has had a few bugs in the past, but is working great now. I wish we could do even more with the app - like advanced search capabilities to help diagnose while on the move.