Learn more about Darktrace
Self-configuring cyber defense system based on machine learning and probabilistic mathematics.
The SIEM you need
Comments: Excellent all around; the support and execution of the software is unlike any other.
The AI machine learning analyst and automated feature that Darktrace provides are second to none.
There are many incidents that can be looked into as false positives when first establishing your models.
Dark Trace AI to protect your network
Comments: It is a good product with its AI engine and capable of learning the network. More helpful to identify ongoing threats and during forensic investigations. Easy to deploy and configure. Once plugged in with an IP address, it can be used. Interfaces are nice and provide a detailed view of incidents. It needs improvements on reporting capabilities. When you cannot centrally log traffic, cost will be higher since each and every location needs a separate appliance.
Device installation is very easy and no advanced configurations need to be done. Darktrace can learn the network traffic behavior and alert you when deviations occur. Portal has good learning materials and case studies. Support is quite fast and you will get an update within an hour when you open a ticket. It provides packet captures and can be downloaded for forensic analysis. Mobile version is available. Models can be customized and can be created according to the network behavior of the organization. Custom rules can be configured.
During the initial implementation there is a higher number of false positives and you need to manually tag those. Some legitimate traffic is detected as a threat. Needs more fine-tuning. Device doesn’t have a mechanism to alert when traffic stops flowing to the device. You need to manually check the receiving traffic on interfaces. If you cannot send traffic to a central location, each individual location should have an appliance to get total visibility of the network. Very limited reports and reports need more improvements.
Powerful product with a lot of changes needed
Comments: I would rate Darktrace as 4/10. For me a product that gives accurate readings and good reporting features is extremely important, which is missing in Darktrace.
No doubt of Darktrace being a powerful addition to your environment. The capability of ingesting and correlating the entire network traffic is superb. Darktrace correlates logs to the breach models and gives timely alerts whenever a model is hit. Plus while working on a breach, you can discuss it with your colleagues using their copy to clipboard functionality. As with most EDR, it not only helps you to take a pcap of the traffic, you can also moving view the traffic and pattern that is a few days old.
It requires a regular health check. The major issue with our deployment is that when you try to check an asset's logs, Darktrace takes the entire /24 range and gets confused between assets, which ends up giving false logs. Plus the advanced search functionality is not very well defined. The lack of reporting also makes it a bit challenging.
You may not get it at first, because of your training with Antivirus
I am ensuring that my network and devices are safe or at least they can account to me about what they are doing...! I know this sounds weird, but with Darktrace it seems like the systems are telling me what they did or what they are doing.
Feel like the way to go.
The detection features are extremely useful; it is what the busy IT/Security or even advanced pro user will want to see as time progresses over his corporate network. The details are in your face, similar and somewhat like what you see in the movies. This makes you rethink what you believe that you know, from what is actually happening on your network and to your devices.
It costs an arm and a leg for small business but it does provide the value for money. If you are not into the whole cyber security thing but know that 1 good expert delivers services for 120K per annum, then this is a package of excellent experts for the same price range of 1 expert. I think the offer should be a little bit more considerate of smaller organizations and their tight budgets; having the various offers as add-ons can quickly bring up the bills. First there is the base software, with one price. Have Office365, then you have to add on.....
Know what is out there!
Comments: Helps our SOC with their day to day business.
Real time overview of what anomalies are happening on the network! Looks at our email environment as well and generates nice management reports.
Takes a lot of tweaking to set it up according to your specific needs
Analyzing all threats with ease.
Darktrace helps tracing the possible threats in our company's network. Provides information regarding the source of that threat which keeps us alerted and secure. Great support from the Darktrace staff.
Considering the other software, pricing is too high.
DarkTrace Cyber AI
Comments: A great technology partner to work with.
The cyber AI mimics the human immune system and autonomously does the following: Self-Learning: detects threats other solutions miss; Autonomous Response: fights in-progress attacks 24/7; Protection Everywhere: covers hybrid cloud, email systems, network, IoT, endpoints, and OT; Augmented Intelligence: saves up to 92% of your security analysts' time.
So far the solution is doing what it's supposed to do.
Information Overload, but hard to understand the information provided
DarkTrace provides an overwhelming amount of information regarding network traffic and the devices that are communicating on your network. You can see an exploded view of your entire network or zoom down to see an individual device that may be causing issues.
There are very limited education materials on how to use Darktrace. While most network monitoring software have an abundance of internet based information on how to setup and utilize the product, DarkTrace is extremely lacking in this department. Aside from contacting Customer Support, that may or may not respond, there is very little information on the web about DarkTrace.
Advanced security if you achieve network visibility
Comments: The product and the reports received are of a high quality. They require an incident response team trained to extract the potential.
Both the visibility obtained by the product and the information provided by the analysts is of the highest quality.
The very definition of the product requires visibility of all network traffic to get the full potential of the tool. In distributed and complex networks, this can be very expensive in deployment and configuration.
Really useful if for large companies
The capability of monitoring your entire network in real time and the AI continuing to learn and distinguish between an attack and normal network behavior.
You are able to monitor but can't stop any suspicious network activity from the software.
Cyber security tool
This is a great tool to see threats on your network and where they are coming from; it provides a very detailed analysis of your systems network threats.
It is costly and really does not protect your systems, it only provides you with the threats analysis you need to make an informed decision.