Darktrace
Darktrace
Darktrace uses machine learning to detect and respond to cyber threats by analyzing network behavior. It continuously monitors for unusual activity to identify potential vulnerabilities and emerging risks in real time.
Darktrace uses machine learning to detect and respond to cyber threats by analyzing network behavior. It continuously monitors for unusual activity to identify potential vulnerabilities and emerging risks in real time.
Cost considerations
Cost considerations
Functionality
Functionality
Compatibility
Compatibility
User experience
User experience
Customer support
Customer support
Why these ratings?
Cyberse perspective
Cyberse perspective
Solution details
Target industry
Technology
Public sector
Industrials
Healthcare
Retail
Manufacturing
Financial services
Key features
Platform solution
Subcategory
Asset Management
Attack Surface Management
Continuous Threat and Exposure Management
Product features
Risk scoring
IT Service Management (ITSM) integration
Automated remediation
Deployment
On-premises
Cloud-hosted
Market segment
Small business
Enterprise
Midmarket
Scanning coverage
Network scanning
Integrations
Security automation
Endpoint security
Cloud security
Network security
Data security
Cloud ecosystem partners
Amazon Web Services
Microsoft Azure Cloud
Google Cloud Platform
Services support
In-house services
Managed services
We use the following criteria to evaluate this product:
We use the following criteria to evaluate this product:
Cost considerations
Darktrace offers vulnerability coverage only through separate PREVENT and ASM add-ons, so buyers pay on top of the core license. Premium per-asset pricing sits above mainstream scanners and scans are not unlimited. Total ownership costs climb quickly at scale, making the value proposition weaker than most competitors.
Cost considerations
Darktrace offers vulnerability coverage only through separate PREVENT and ASM add-ons, so buyers pay on top of the core license. Premium per-asset pricing sits above mainstream scanners and scans are not unlimited. Total ownership costs climb quickly at scale, making the value proposition weaker than most competitors.
Functionality
Darktrace PREVENT continuously discovers external assets and flags likely exposures, yet it skips authenticated host scans and cannot confirm that fixes work. Cloud, container insight and ticketing rely on optional connectors, so overall capability lands in the middle of the vulnerability-management field.
Functionality
Darktrace PREVENT continuously discovers external assets and flags likely exposures, yet it skips authenticated host scans and cannot confirm that fixes work. Cloud, container insight and ticketing rely on optional connectors, so overall capability lands in the middle of the vulnerability-management field.
Compatibility
Darktrace connects to major public clouds and can stream findings to SIEMs through open APIs, but it relies on network sensors rather than agents, limiting direct coverage across every OS. Syncing with ServiceNow or other CMDBs usually needs custom scripting instead of a built-in connector. SSO is available, so overall integration sits in the mid-range of the market.
Compatibility
Darktrace connects to major public clouds and can stream findings to SIEMs through open APIs, but it relies on network sensors rather than agents, limiting direct coverage across every OS. Syncing with ServiceNow or other CMDBs usually needs custom scripting instead of a built-in connector. SSO is available, so overall integration sits in the mid-range of the market.
User experience
Darktrace shows priority risks on clear visual dashboards and suggests next-step mitigations, so security staff find key information quickly. Users can drill from an attack-surface map down to a single asset in a few clicks, which shortens investigation time. A brief learning phase is still needed to understand the AI-driven labels and tuning options.
User experience
Darktrace shows priority risks on clear visual dashboards and suggests next-step mitigations, so security staff find key information quickly. Users can drill from an attack-surface map down to a single asset in a few clicks, which shortens investigation time. A brief learning phase is still needed to understand the AI-driven labels and tuning options.
Customer support
Darktrace offers 24/7 expert help and assigns a success manager. Model updates are pushed several times a week, but there is no clear proof that every new vulnerability is covered inside 24 hours.
Customer support
Darktrace offers 24/7 expert help and assigns a success manager. Model updates are pushed several times a week, but there is no clear proof that every new vulnerability is covered inside 24 hours.