We compared Abnormal Security and Darktrace based on our users reviews in six parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Based on the comparison between Abnormal Security and Darktrace, Abnormal Security offers easy setup and seamless integration with Office 365, whereas Darktrace's setup can be difficult and time-consuming. Abnormal Security specializes in catching spear phishing attacks and has AI-based spam filtering, while Darktrace focuses on detecting threats and vulnerabilities using AI-driven capabilities. Abnormal Security could improve by addressing email slip-through and finding more partnerships, whereas Darktrace could enhance its false positive reduction and simplify configuration. Pricing-wise, Abnormal Security has fair prices and excellent customer support, while Darktrace's pricing and licensing model could be more flexible and support could be improved in certain areas.
"Threat Explorer is an invaluable tool for me, and it plays a crucial role in helping me discern the origins of various email campaigns, pinpointing where they emanate from, and identifying the individuals within our organization who are affected."
"Microsoft Defender for Office 365 is a stable solution."
"The technical support is good and quick to resolve issues."
"The basic features are okay and I'm satisfied with the Defender."
"Our customers are satisfied with Defender for 365 because Microsoft products are easy to use and customize to meet the client's needs. Everything is in one place, so we can adjust policies as needed for phishing, DLP, ATP, or any other security features that our clients want to apply."
"Defender for 365 is a comprehensive cloud-based solution. The value of the cloud is that you aren't alone. Threat intelligence and analytics are shared in the cloud. We don't have to find the solution alone. If you face an unknown threat with traditional solutions like Trend Micro and Symantec, you need to open a case and send your information to them to analyze forensically and identify the source of the attack."
"Defender for Office 365 has helped eliminate having to look at multiple dashboards and that is the aspect I like most about it. It is simpler, effective, and convenient. The users like the process efficiency."
"It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself."
"The features that appeal to me most are the combination of auto-remediation and Detection 360."
"Their ability to take things out of the mailbox and catch things much faster than users is excellent."
"Ease of use is undoubtedly one of the most valuable features of Abnormal Security."
"Initial auto-remediation allows us to auto-remediate before the email lands in the end user's inbox for a split second."
"It does some really cool stuff that other tools aren't doing. We found it to be really effective, and the AI/ML functionality is really what differentiates them."
"What I like about Abnormal Security is that it notifies me if any of my partners or suppliers are experiencing a security breach by analyzing their database and identifying potential cyber threats."
"I have never encountered any stability issues with Abnormal."
"One of the things that I love about them is that the setup and installation are super easy. All you do is give them access to your Microsoft 365 tenant, and through APIs, they are able to do their work. They are doing all this through APIs, so you do not have to install the software and take a month to get it all set up to even see the value of the solution. You could be up and running in less than an hour."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven. It does a lot of things by itself."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"Its AI technology supports cybersecurity by learning my environment and accurately responding to threats."
"We liked their approach to identifying intrusions or network anomalies using AI."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"It's a very stable product."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"The most valuable features of Darktrace are its full capabilities. You have visibility of everything."
"Too many false positives and lacks an accurate capability to detect malicious SharePoint sites."
"In one of the reports I can get the exact place where a vulnerable file resides. But for that, I need to explicitly go into the device and check. If they could include that file part in the report, without my having to go to the device itself, that would help."
"We need a separate license and we don't know how to get the license that is required."
"The custom alerts have to improve a lot."
"There is room for improvement with the UI."
"The only thing they should improve is the licensing model. They should stop changing it. A year ago, the five features I mentioned were included in one product. Now, three of them are bundled into one product, and you have to pay extra for the other two. I don't mind paying extra, but I don't want them to change it every year or every six months. I need to know what I'm looking at and not worry about it next year."
"The pre-sales cost calculations could be more transparent."
"About eight months ago, we started to measure the quantity of phishing and spam that we have been receiving, and it has been increasing a lot. That means that protection for our email is not as good as we were expecting."
"The ideal scenario would be for Abnormal Security to work in tandem with Microsoft to analyze incoming emails."
"I would like to have the ability to customize the auto-remediation feature."
"I, as such, do not have anything that I do not like or would like to add, but you could argue that because they are doing it API-based, there is a chance that something could slip through temporarily before they are able to pull it out. In theory, it could happen just because of the nature of the system. They are not in line with the delivery of the mail. They are kind of asynchronous, which is a pro as well as a con. If it is synchronous, then I know it would always stop them, but because it is asynchronous, things could get through temporarily or because of some system issues on the Microsoft side or their side. It is the nature of the beast, but it is a little bit of a con."
"The pricing for academic institutions and student mailboxes is challenging."
"When we're working on something as engineers, and we find an idea or a method of doing something that would be greatly improved by doing it another way, there should be an ability for me to click the ideas button, type in an idea that I have, and submit it to a product review team or developers to have them think through the process a little bit more."
"One feature I'd love to see is outbound scanning."
"There could be room for improvement in enhancing integration with other cybersecurity tools."
"The biggest pain point for us is the lack of support for on-premise email systems."
"It's a very complex platform."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"The solution could be easier to use."
"It can have more integration with orchestration or event management solutions. They can provide more knowledge or research information for analysts for investigating cases and detecting anomalies in networks."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Abnormal Security is ranked 12th in Email Security with 8 reviews while Darktrace is ranked 11th in Email Security with 66 reviews. Abnormal Security is rated 9.6, while Darktrace is rated 8.2. The top reviewer of Abnormal Security writes "Provides comprehensive email security management, effective in detecting a wide range of email threats". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Abnormal Security is most compared with Mimecast Email Security, Egress Intelligent Email Security, Cloudflare Area 1 Email Security, Avanan and Fortinet FortiMail, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x). See our Abnormal Security vs. Darktrace report.
See our list of best Email Security vendors.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.