Darktrace Enterprise Immune System (EIS)
Darktrace Enterprise Immune system (EIS) is the leading AI defence tool employed by many marketplace leaders and charities such as BT, AXA and The Royal British Legion to name a few.
Today’s rapidly evolving threat landscape demands a fundamentally new approach to detecting attacks at an early stage, before they have time to do damage. By observing your network, DarkTrace Enterprise Immune System creates a ‘pattern of life’ for the normal operations of your company. From this data, DarkTrace EIS can detect any anomalous behaviour on your network and alert your IT/Security team to address suspicious behaviour that may be malicious.
Using proprietary machine learning and AI algorithms developed by mathematicians from the University of Cambridge, Darktrace Enterprise detects and ranks all forms of cyber-threats, including subtle insider threats, low-and-slow attacks and automated threats, without prior assumptions of what ‘malicious’ activity looks like.
The solution works by passively analysing raw network traffic across the digital enterprise, and continually makes probabilistic judgments about what is normal or abnormal behaviour. In doing so, Darktrace creates an evolving understanding of the ‘pattern of life’ of every device and user, as well as each network and subnet.
Based on core Enterprise Immune System technology, these ‘patterns of life’ are dynamic, and adapt as your network evolves. Without presuming to know in advance what activity is ‘malicious’ or not, Darktrace Enterprise independently learns to detect significant deviations from the ‘pattern of life’ of a business, and immediately alerts the organization to the potential threat.
This probability-based approach means that Darktrace Enterprise is agnostic to the provenance, delivery mechanism, tactics and function of the cyber-attacker or threat. All significant deviations are seen and correlated, resulting in the detection of genuine threats, without producing floods of false positives.
Critically, Darktrace Enterprise is self-improving too, becoming increasingly accurate over time.
Clear Network Visibility
Cyber security analysts face not only overwhelming volumes of data but also increased complexity as the digital business continues to expand. In this environment, an efficient and effective way to visualize interconnected data is essential to allow for sophisticated threat detection and remediation.
To defend their networks against a range of attack types, organizations require a powerful tool that provides insight into the relationships and data flows across the network, as well as intuitive visual storytelling that can be used to identify and investigate potential emerging threats as they unfold.
Darktrace Threat Visualizer
The Threat Visualizer is Darktrace’s graphical and interactive 3D interface, which visualizes network activity and enables users to investigate anomalies in real time. It is designed for users of all maturity levels, from forensic security experts, to business executives and less experienced members of the IT team.
A wealth of rich information can be variously queried and exposed using the interactive features within the Threat Visualizer. Cyber security analysts use it as an essential system to investigate cyber incidents, while visualization techniques provide a high-level overview of security issues for business executives, helping to bridge the gap between technical specialists and the boardroom.
Dynamic Threat Dashboard
The Dynamic Threat Dashboard provides a simplified, real-time view of high-priority threats and suspicious activities to help expedite the response process. This allows even the leanest security teams to perform extremely rapid triage with a minimum of interaction. Its streamlined interface facilitates quick sorting, viewing, and acknowledging of breaches, which can then be investigated by pivoting to the Threat Visualizer, which gives a comprehensive view of the relevant network activity.
Darktrace Mobile App
Available for iOS and Android, the Darktrace Mobile App allows users to easily access Darktrace when they are on the move. Designed to offer maximum flexibility and to increase the speed of mitigation, the app offers push notifications of in-progress threats and one-click confirmation of Darktrace Antigena’s autonomous response actions. When an attack transpires, security teams can remotely view and remediate threats within seconds, even when they are out of the office.
Powered by Darktrace’s world-leading AI, Darktrace Antigena is an autonomous response solution that takes targeted action against inprogress cyber-threats in real time.
The technology works like a digital antibody, intelligently generating surgical and proportionate responses when a highly threatening incident arises. By enforcing the normal ‘pattern of life’ for a given user or device, the system interrupts malicious activity while sustaining normal operations. This ability to contain emerging threats using proven AI is a game-changer for security teams, who benefit from the critical time needed to catch up and avoid major damage.
With over 8,000 deployments across 105 countries worldwide, Darktrace’s cyber AI is being harnessed to transform even the most complex and vulnerable organization into a resilient, self-defending digital business, neutralizing advanced attacks before they have time to escalate into a crisis.
Antigena Network is an autonomous response module that takes action within the network, including in virtualized and cloud environments. It requires no additional hardware and can be activated within minutes.
The autonomous response module is customizable, allowing customers to stay in the driving seat, and transition to a fuller use of AI in their enterprise. The system can be configured in one of two modes:
• Trust-Building Mode: Human Confirmation
In this mode, Antigena Network generates responses which must be validated by the security team before action is taken. This allows you to build confidence in Antigena’s decision-making before switching to Active Mode.
• Active Mode: Self-Defending Digital Business
In Active Mode, Antigena Network is fully autonomous, meaning that a serious threat may be instantly contained without a security analyst needing to log on. The system acts within the operating parameters that you define, and an alert is generated to indicate the action taken.
Free Proof of Value
OmniCyber Security with Darktrace now offers you the opportunity to evaluate the power and benefits of Darktrace’s award-winning cyber AI technology, at no charge to your enterprise.
Detect Threats You Didn’t Know About
Darktrace quickly forms an evolving understanding of the ‘pattern of life’ of your network. It will automatically detect threats and anomalous behaviors that would otherwise go undetected by legacy security products.