Darktrace

Kommentare: I would rate Darktrace as 4/10. For me a product that gives accurate readings and good reporting features is extremely important which is missing in Darktrace.

Vorteile: No doubt of Darktrace being a powerful addition to your environment. The capability of ingesting and correlating the entire network traffic is superb. Darktrace correlates logs to the breach models and give timely alerts whenever a model is hit. Plus while working on a breach, you can discuss it with your colleagues using their copy to clipboard functionality. As like most EDR, it not only helps to you to take a pcap of the traffic, you can also moving view the traffic and pattern that is a few days old.

Nachteile: It requires a regular health check. The major issue withour deployment is that when you try to check an asset logs, Darktrace takes the entire /24 range and gets confused between asset which ends up giving false logs.Plus the advanced search fuctionality is not very well defined. The lack of reporting also makes it a bit challenging

Vorteile: DarkTrace provides an overwhelming amount of information regarding network traffic and the devices that are communicating on your network. You can see an exploded view of your entire network or zoom down to see an individual device that may be causing issues.

Nachteile: There are very limited education materials on how to use Darktrace. While most network monitoring software have an abundance of internet based information on how to setup and utilize the product, DarkTrace is extremely lacking in this department. Aside from contacting Customer Support, that may or may not respond, there is very little information on the web about DarkTrace.

Kommentare: The product and the reports received are of a high quality. They require an incident response team trained to extract the potential.

Vorteile: Both the visibility obtained by the product and the information provided by the analysts is of the highest quality.

Nachteile: The very definition of the product requires visibility of all network traffic to get the full potential of the tool. In distributed and complex networks, this can be very expensive in deployment and configuration

Vorteile: This is a great tool to see threats on your network and where they are coming from; it provides a very detailed analysis of your systems network threats.

Nachteile: It is costly and really does not protect your systems, it only provides you with the threats analysis you need to make an informed decision.

Vorteile: the capability of monitoring your entire network in real time and the AI continuing to learn and distinguish between a attack and normal network behavior

Nachteile: you are able to monitor but can't stop any suspicious network activity from the software