Darktrace / EMAIL Reviews & Product Details

What I like most is that Darktrace / EMAIL catches threats our previous Secure Email Gateway consistently missed. Because the AI doesn’t rely on known signatures or reputation lists, it learns what normal communication looks like for each individual user and flags deviations. As a result, it can catch novel phishing attempts and business email compromise attacks that rule-based tools simply can’t detect.

AI/Intelligence is where it genuinely stands out. The self-learning AI builds a behavioral baseline per user and per relationship, so it can identify when an email is impersonating a known supplier even if the domain looks clean and the content passes traditional filters. The Cyber AI Analyst also automatically triages and explains detections in plain language, which has reduced our SOC investigation time considerably. With AI-generated threat summaries, analysts spend more time acting on threats instead of piecing together what happened.

UI/UX is clean and well organized. The email threat dashboard provides a clear view of what was detected, why it was flagged, and what action was taken, without requiring deep technical knowledge to interpret. When you drill into individual email detections, you get a clear visual breakdown of the signals that triggered the alert, which makes it easier to explain decisions to non-technical stakeholders.

Integrations with Microsoft 365 and Google Workspace are native and straightforward to set up. Deployment via API doesn’t require MX record changes, which meant zero disruption to mail flow during onboarding, and that alone made the rollout politically much easier internally.

Performance has been consistent, with detections happening in real time and autonomous response actions—like holding or rewriting suspicious emails—executing quickly without noticeable latency for end users.

Support and onboarding were well structured. The deployment process was guided and fast, and the Darktrace team provided meaningful tuning support in the early weeks to reduce noise without sacrificing coverage.

Pricing and ROI become clear quickly when you consider the cost of a single successful BEC incident versus the annual subscription. Since it catches threats that SEGs miss, the business case is straightforward. Review collected by and hosted on G2.com.

My biggest frustration is the initial noise during the learning period. In the first few weeks, while the AI is building behavioral baselines, the alert volume is high and it takes real tuning effort to get the signal-to-noise ratio to an acceptable level. For smaller security teams without dedicated bandwidth, this onboarding phase can feel overwhelming.

The autonomous response actions are powerful, but they need careful configuration. Out of the box, the sensitivity can be overly aggressive, and I’ve seen cases where legitimate emails were held or modified. That created friction with business users and eroded confidence in the system early on. Finding the right balance between catching threats and avoiding false positives takes longer than expected.

UI/UX also has room to improve, especially around reporting. The threat dashboard is solid for day-to-day operations, but generating customized reports for executive or compliance audiences isn’t as flexible as it should be. Exporting meaningful metrics and setting up scheduled reports still requires more manual effort than it should.

Pricing is on the higher end of the market, which makes it a tougher sell for mid-sized organizations comparing it with more established SEG vendors. The value can be there, but justifying the premium requires a clear understanding of the risk gap it fills—and that isn’t always easy to quantify upfront. Review collected by and hosted on G2.com.

What I like best about Darktrace/Email is its "Pattern of Life" approach to security. Unlike traditional gateways that look for known "bad" signatures, Darktrace understands the unique communication styles of our employees. We were specifically struggling with sophisticated spoofing attacks where external actors would impersonate our CIO to target junior staff.

Since implementation, Darktrace has been highly effective at flagging these anomalies. It doesn't just look at the 'From' address; it recognizes that the behavior and intent don't match our executive's history. It has significantly reduced our manual triage time and lowered our overall financial risk from BEC. Review collected by and hosted on G2.com.

While the AI is incredibly powerful, the management console (UI) has a steep learning curve. There is so much data available that it can feel overwhelming at first. It takes some time to learn how to pivot through the 'Cyber AI Analyst' views to find exactly what you're looking for. It’s definitely a tool for a 'pro' security team rather than a casual admin. Review collected by and hosted on G2.com.

A large number of malicious email attacks are stopped or actioned with 100% ability to see and make adjustments as needed. Review collected by and hosted on G2.com.

None in 3 years of use. Ok, one little quirk. If you have more than one filter you have to change the default selection from OR to AND which is little! Review collected by and hosted on G2.com.

Super easy to search — makes it quick to find specific emails or users when something needs checking.

Really clear on what’s been actioned — you can instantly see if an email was held, delivered with a banner, or modified.

Feels fast — the UI responds well and doesn’t slow you down when you’re investigating.

Hardly anything malicious gets through — it's doing a solid job on detection.

Gives confidence — we’re not constantly firefighting suspicious emails thanks to the automation. Review collected by and hosted on G2.com.

Journalling approach causes issues with other integrations Review collected by and hosted on G2.com.

You can't go wrong with AI detection and respond! The system's ability to learn and adapt to my company's environment made life alot easier for me as an administer. In my experience thus far, false positives are very low. I also absolutely love the AI phishing simulation where it would scan inboxes and craft unique simulations. Also, the interface is just super cool. The customer support is excellent, you'd find that they're very responsive and helpful. I use this every day and it really makes my job easier. As far as implementation goes, the vendor was very helpful to get things configured in no time. Review collected by and hosted on G2.com.

It's a bit pricey, but you get alot of value for the money. Review collected by and hosted on G2.com.

The software is machine learning enabled and supports Ai.

Use of Darktrace ensures email account protection and blocking of malware.

Reliability of the product in reporting and end user warnings provision.

Implementation of the software has minimal impact on our systems performance.

Multiple device protection vire a single subscription.

Quality vendor support services and immense performance of the software.

Availability of a multi layer security and exceptional features.

Tutorials and demos are always available for new users.

Lower subscription fees compare to its competitors. Review collected by and hosted on G2.com.

I regular software updates makes the product boring and tedious. Review collected by and hosted on G2.com.

The system is fully configurable with the ability to open methods that a user can self serve their requests, or lock down the methods to keep the control within the Technology Team. Review collected by and hosted on G2.com.

The service is certainly not the cheapest, but the positives outweigh the negatives. Review collected by and hosted on G2.com.

This application is straightforward to configure and removes pretty much all the junk from a user's inbox.

After using it for months, we have no complaints from our end-users and are receiving no reports from our end users regarding junk in their inbox! Review collected by and hosted on G2.com.

The pricing of Darktrace products is always an exciting point to look at.

Not really much to dislike, maybe the lack of functionality to integrate into the outlook application on windows an mac. However, this seems to be resolved in 2023. Review collected by and hosted on G2.com.

The potential for darktrace to detect things is great. Review collected by and hosted on G2.com.

The complexity of the wording and descriptions for events is difficult to understand. Would best be used by dedicated security IT person and not a jack of all trades IT department. Review collected by and hosted on G2.com.

The visibility across the entire platform Review collected by and hosted on G2.com.

A little on the expensive side for what is already protected by cyber security insurance Review collected by and hosted on G2.com.