Detects and fights cyber-threats in real time

Product Overview

WHITEPAPER:

The Enterprise Immune System –

Proven Mathematics and Machine Learning for Cyber Defense

DOWNLOAD NOW

Real-time threat detection and autonomous response

No rules, signatures, or prior assumptions

Cyber AI across the cloud, enterprise, and industrial

The Enterprise Immune System is the world’s most advanced machine learning technology for cyber defense. Inspired by the self-learning intelligence of the human immune system, this new class of technology has enabled a fundamental shift in the way organizations defend themselves, amid a new era of sophisticated and pervasive cyber-threats.

The human immune system is incredibly complex and continually adapts to new forms of threats, such as viral DNA that constantly mutates. It works by learning about what is normal for the body, identifying and neutralizing outliers that do not fit that evolving pattern of normality.

Darktrace applies the same logic to cloud, enterprise, and industrial environments. Powered by machine learning and AI algorithms, Enterprise Immune System technology iteratively learns a unique ‘pattern of life’ (‘self’) for every device and user on a network, and correlates these insights in order to spot and stop emerging threats that would otherwise go unnoticed.

Like the human immune system, the Enterprise Immune System does not require previous experience of a threat or pattern of activity in order to understand that it is potentially threatening. It works automatically, without prior knowledge or signatures, detecting and fighting back against subtle, stealthy attacks inside the network — in real time.

“Darktrace’s Enterprise Immune System has given us peace of mind that we are well-equipped to defend against today’s sophisticated attacks.”

Dane Sanderson

Global Security Director, Trek

Product Showcase for Real-time Threat Detection

Autonomous Response

Fight back with cyber AI

The Enterprise Immune System also delivers AI-powered autonomous response across email, cloud, and network traffic, taking surgical action to contain in-progress threats within seconds. By enforcing the normal ‘pattern of life’ for a given user or device, the system works by interrupting malicious activity only and giving the security team time to catch up.

As cyber-threats gain in speed and severity, this AI-powered autonomous response has become an essential part of any security stack.

Darktrace Threat Visualizer

Shine a light into your network

The Threat Visualizer is Darktrace’s real-time, 3D threat notification interface. As well as displaying threat alerts, the Threat Visualizer provides a graphical overview of the day-to-day activity of your network(s), which is easy to use, and accessible for both security specialists and business executives.

Using cutting-edge visualization techniques, the Threat Visualizer user interface automatically alerts analysts to significant incidents and threats within their environments, enabling analysts to proactively investigate specific areas of the infrastructure.

Detecting Ransomware

How Darktrace identifies ransomware before it spreads

In 2016 cyber-criminals launched 638 million ransomware attacks. That’s a 167-fold increase from the 4 million attack attempts in 2015, with most of the attacks delivered as phishing campaigns capable of by-passing existing defense mechanisms. With the rise of ransomware-as-a-service lowering the barrier to entry, it is now easier than ever for attackers to access and deploy ransomware. Once inside the enterprise, the malware encrypts data and looks to spread to other devices or shared drives. The speed with which the attack can spread and devastating effects it can have make ransomware an attractive proposition for cyber attackers.

AI & Machine Learning

Learns the ‘self’ of your organization – automatically

Artificial intelligence and machine learning present a significant opportunity to the cyber security industry. Today, new machine learning methods can vastly improve the accuracy of threat detection and enhance network visibility thanks to the greater amount of computational analysis they can handle. They are also heralding in a new era of autonomous response, where a machine system is sufficiently intelligent to understand how and when to fight back against in-progress threats. From the outset, Darktrace rejected the assumption that data relating to historical attacks could predict future ones.

Book Demo

Schedule you 30 minutes Deep Dive into AI

Simple to Manage with Granular Control

SIEM with attached AI

Integrating Darktrace into your existing infrastructure

Darktrace easily integrates with your existing infrastructure, including SIEM dashboards, SOC environments or any other downstream ticketing and alerting tool. This allows security teams to adopt Darktrace without changing existing business processes and working practices.

Darktrace is compatible with all major SIEMs that support the industry-standard Common Event Format (CEF) and Log Event Extended Format (LEEF). These include providers such as ArcSight, LogRhythm, QRadar and Splunk. Darktrace can also be configured to trigger alerts when the most serious threats are detected.

Darktrace can also support a range of deployment strategies for different Security Operations Center (SOC) environments, from continuous monitoring and alerting, to dedicated threat hunting. Darktrace models define the conditions under which Darktrace will notify an operator of an event. These events are surfaced within the Darktrace Threat Visualizer but may also be issued to external systems or be actively queried via the Darktrace API.

Darktrace’s enterprise-grade API also offers straightforward HTTPS access to all data available within the Darktrace platform. This allows for rapid customized exporting, integration and orchestration of the Darktrace data.

Customer Stories

“Darktrace’s technology is invaluable to us, it can deal with constantly adapting environments”

Thomas Brandl, Senior Director, Information Security

“Darktrace identified threats with the potential to disrupt our networks. It helps us stay ahead of emergent threats and better defend our key systems.”

Martin Sloan, Group Head of Security, Drax

“Darktrace Industrial’s combination of genuine AI and unprecedented visibility heralds a new future for proactively defending OT environments.”

Michael Sherwood, Director of Technology City of Las Vegas

Related Products

Darktrace Industrial

100% visibility and real-time threat detection for industrial networks

Darktrace Industrial is a cyber AI defense technology that is specifically developed to detect cyber-threats and latent vulnerabilities in both OT environments, such as SCADA systems, and IT networks. It also provides real-time visibility across both your industrial and enterprise networks, allowing security professionals to gain oversight of all their systems and protect them from cyber-threats as they emerge.

Key benefits

Passively learns ‘self’ in real time
Protocol agnostic due to self-learning approach
Detects insider threat and external attacks
100% visibility
Provides a unified view across OT, IT, and Industrial IoT

Learn More

Darktrace Cloud

Self-learning cyber AI in the cloud

And it stops attacks that don’t use malware, including email fraud and credential phishing. If something goes wrong, we also help protect customers’ data from being exposed in attacks or inadvertently emailed by employees. Beyond the corporate email accounts you control, we secure personal web email accessed on corporate devices and networks.

Key benefits

100% visibility into your cloud environment
Removes blind spots and protects against emerging threats
Fully configurable – you choose what cloud traffic to cover
Installed via lightweight, non-intrusive sensors

Learn More

Darktrace Antigena

Autonomous response to in-progress cyber-threats

Powered by Darktrace’s multi-award-winning AI, Darktrace Antigena is an autonomous response solution that takes action against in-progress cyber-threats, limiting damage and stopping their spread in real time.

The technology works like a digital antibody, intelligently generating measured and proportionate responses when a threatening incident arises, without impacting normal business operations.

Key benefits