What is Darktrace?
Created by mathematicians from the University of Cambridge, Darktrace’s Enterprise Immune System uses AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes.
The Darktrace technology self-learning approach is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems.
By applying its unique, unsupervised machine learning, Darktrace has identified 48,000 previously unknown threats in over 3,000 networks, including zero-days, insider threats and subtle, stealthy attacks.
The Threat Visualizer
The Threat Visualizer
The Threat Visualizer is Darktrace's real-time, 3D threat notification interface. As well as displaying threat alerts, the Threat Visualizer provides a graphical overview of the day-to-day activity of your network(s), which is easy to use, and accessible for both security specialists and business executives.
When the human immune system is faced with a new threat, not only can it detect it, but it produces antibodies that bind to it, and ultimately neutralize it. Darktrace Antigena replicates this function of the human immune system, by creating 'digital antibodies' in response to in-progress threats.
Darktrace ICS, also known as the Industrial Immune System, is a fundamental innovation that implements a real-time ‘immune system’ for operational technologies, such as SCADA, and enables a fundamental shift in the approach to cyber defense.
Darktrace ICS retains all of the capabilities of Darktrace in the corporate environment, creating unique, behavioral understanding of the ‘self’ for each user and device within the network, and detecting threats that cannot be defined in advance by identifying even subtle shifts in expected behavior.
Darktrace Cloud Connectors allow companies to easily extend Darktrace’s visibility and detection capabilities to cloud-based offerings. This allows anomalous behaviors to be detected, extending Darktrace’s Enterprise Immune System defense beyond the physical enterprise network and into cloud environments.
Darktrace OS-Sensors are lightweight, host-based server agents that extend Darktrace’s visibility into third-party cloud environments, including Amazon AWS, Rackspace, and Microsoft Azure.
OS-Sensors intelligently extract single copies of network traffic for analysis by the master Darktrace appliance. They are easily installed onto virtual machines in the cloud and capable of dynamically configuring themselves to avoid data duplication and streamline bandwidth use. Working in conjunction with vSensors, data is aggregated and fed back to the master appliance, via a secure connection.
There are a number of methods by which Darktrace can interact and integrate with an organization’s existing security infrastructure. Enterprise Immune System can be integrated with SIEM dashboards, SOC environments or any other downstream ticketing and alerting tool, allowing security teams to adopt Darktrace without changing existing business processes and working practices.