We performed a comparison between Darktrace and Tanium based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Microsoft Defender for Office 365's most valuable feature is its performance."
"The benefit that stands out to me is the ability for multiple individuals to collaborate simultaneously within the same document. Additionally, there is the option to save the document directly in the integrated OneDrive or SharePoint."
"Microsoft Defender for Office 365 helps people to work remotely. It is a secure solution. We don't need to use our company's computers or get VPN connections to the networks. I can control how they share screens and what they send to the devices. It keeps our organizations confidential and sensitive information safe."
"Some of the valuable features on the email side are anti-phishing, anti-malware, and Safe Links."
"The technical support is good and quick to resolve issues."
"There are several features that I consider valuable."
"Since we have started using the solution, there have been fewer compromises."
"It gives us visibility into threats and, for endpoints, it helps us to prioritize threats. We used to have a lack of visibility, but now our time to detect and respond has decreased."
"Darktrace is extremely stable."
"Provides great network protection."
"The most valuable feature of this solution is that it does not require human intervention to eliminate a threat."
"It has helped the organization to detect any malware affecting the machines...The network monitoring and the email monitoring features are very valuable for us."
"The most valuable feature is the solution's ability to trim out the false positives and point your attention to the real important stuff."
"The most valuable feature of Darktrace is the AI that detects abnormal network activity."
"Darktrace is very flexible."
"Its most valuable feature is its ability to identify malicious connected IPs from outside and the attacks that get through to the inside."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"Tanium's most valuable feature is its instant discovery aspect."
"I would say Tanium is the best tool for vulnerability management."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"The interrogation piece was the most valuable feature because it was very detailed."
"Microsoft sometimes has downtime, and we'll get several incidents coming in back to back. We have a huge backlog of notifications, many of which may be false positives. However, there might be serious alerts, so we can't risk dismissing all of them at once."
"We noticed that from time to time, Microsoft's stability does have problems. Sometimes the service goes up and down. Sometimes they change without prior notice."
"Several simulation options are available within 365, and the phishing simulation could be better."
"The phishing and spam filters could use some improvement."
"I'd like some additional features any product can give me to protect our environment in a better way."
"Microsoft wants its well-paying customers to finish testing some of its half-baked products, find bugs, and report bugs back to Microsoft's team, which is a little frustrating for those who have to manage it and roll it up to thousands of people across the organization."
"Configuration requires going to a lot of places rather than just accessing one tab."
"We need a separate license and we don't know how to get the license that is required."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"There is a high ratio of false positive information."
"Darktrace could expand into EDR (endpoint detection and response) and combine it with its network detection."
"Upper management wasn't sold on the value proposition."
"It is expensive, but everything else has been great so far."
"We'd like threat hunting, and we'd like to see a global solution that can automate vulnerability scans. I know it is something they are working on."
"In terms of improvements, fine-tuning is the area where we have to spend some time because it works on unsupervised machine learning. It would be good if they can improve their algorithm or technical functionality to reduce the fine-tuning effort. They can also come up with something at the endpoint level. So far, Darktrace has been a network detection response (NDR) solution. It does not offer much at the endpoint level or on user-client devices or servers. There should be more visibility at the endpoint level. It would be good to have the detection and response at the endpoint level by Darktrace. It should also have integration with an agile environment so that we can have continuous development and continuous integration in the application development environment. This is currently not there. It should also have internet-facing platform visibility, which is currently missing. They also need to improve the reporting and management dashboards. Currently, these are not so easy for a non-technical person. All these features would make Darktrace much better, and they would also be helpful in selling more solutions."
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The solution lacks mobility."
"We had some issues with the solution's OS upgrade."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The most painful thing is the interface. It's a bit unclear sometimes."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"The solution can give a lot of false positives."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 66 reviews while Tanium is ranked 36th in Endpoint Protection Platform (EPP) with 15 reviews. Darktrace is rated 8.2, while Tanium is rated 7.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Configuration Manager, Qualys VMDR and ServiceNow Discovery.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.