
Darktrace / CLOUD
Container monitoring tools
Cloud compliance software
Cloud data security software
Cloud detection and response (CDR) software
Cloud infrastructure entitlement management (CIEM) software
Cloud-native application protection platform (CNAPP)
Cloud security monitoring and analytics software
Cloud security posture management (CSPM) software
Cloud workload protection platforms
Container security tools
Attack surface management software
Exposure management platforms
Risk-based vulnerability management software
AI governance tools
Cloud security software
DevSecOps software
Vulnerability management software
DevOps software
Containerization software
Small
Medium
Large
- Media and communications
- Information technology and software
- Healthcare and life sciences
What is Darktrace / CLOUD
Darktrace / CLOUD is a cloud security product focused on detecting and responding to threats across public cloud environments using behavioral analytics. It targets security operations teams that need continuous monitoring of cloud control-plane activity, identities, and workloads to identify suspicious behavior and investigate incidents. The product emphasizes anomaly detection and automated response actions, and it is typically deployed alongside existing cloud logging and security tooling.
Behavior-based cloud threat detection
The product focuses on identifying anomalous behavior in cloud environments rather than relying only on predefined rules and signatures. This can help surface novel or low-and-slow activity that blends into normal cloud operations. It is designed for SOC workflows where analysts need prioritized detections and investigation context. This approach can complement rule-based cloud monitoring stacks used in similar environments.
Automated response and containment
Darktrace / CLOUD includes response capabilities intended to take action when suspicious activity is detected. This can reduce time-to-containment for common cloud attack patterns such as credential misuse or unusual API activity. Automation can be useful for teams with limited 24x7 coverage. The value depends on how response policies are tuned and governed to avoid disrupting legitimate activity.
Broad cloud telemetry correlation
The product is positioned to ingest and correlate multiple sources of cloud telemetry (for example, identity events, control-plane logs, and workload signals). Correlation can help connect related events into a single investigation path and reduce manual pivoting across tools. This is relevant in multi-account or multi-subscription environments where activity is distributed. It supports use cases where security teams need centralized visibility across cloud estates.
Not a full CNAPP suite
While it addresses detection and response, it may not cover the full breadth expected from a consolidated CNAPP platform (for example, deep infrastructure-as-code scanning, comprehensive posture management, and end-to-end vulnerability prioritization) in a single workflow. Organizations may still require separate tools for CSPM, CIEM, and workload vulnerability management depending on requirements. This can increase integration and operational overhead. Buyers should validate which controls are native versus dependent on integrations.
Tuning and alert validation effort
Behavioral detection systems typically require tuning to align with an organization’s cloud usage patterns and acceptable administrative behavior. Early deployments can generate alerts that need analyst validation and feedback loops to reduce noise. This can be resource-intensive for small teams or environments with frequent change. Ongoing governance is needed to keep detections relevant as cloud architectures evolve.
Integration and data access dependencies
Effective cloud detection depends on access to high-quality logs, identity data, and cloud API telemetry, which can vary by cloud provider and account configuration. Gaps in logging configuration, retention, or permissions can reduce detection fidelity and investigation context. Integration work may be required to align with existing SIEM/SOAR, ticketing, and cloud-native security services. Buyers should confirm supported data sources, required permissions, and any additional cloud costs for log collection.
Plan & Pricing
- Pricing model: Custom / Contact sales (no public pricing listed on vendor site)
- Free tier/trial: 30-day free trial (free, no-obligation trial offered via demo/trial pages)
- Example costs: Not published on Darktrace official site; customers are directed to contact sales or obtain private offers via cloud marketplaces (AWS/Azure).
- Discount/options: Partner programs and private offers via AWS Marketplace and Azure Marketplace; enterprise/partner discounts likely available (not publicly detailed).
Seller details
Darktrace plc
Cambridge, United Kingdom
2013
Public
https://www.darktrace.com/
https://x.com/Darktrace
https://www.linkedin.com/company/darktrace/