Darktrace Cyber AI Platform consists of two flagship products and four data analysis modules:
- Enterprise Immune System which understands the DNA of a company at a granular level to detect threats and Cyber AI Analyst to automate higher level processes of investigating threats;
- Antigena, the first autonomous response system for defending customers from machine-speed attacks, takes action with surgical precision and control either directly or through integration with firewalls or SOAR products; and
- Data analysis modules include Cloud/SaaS, Email (Office 365, G-Suite), Industrial/IoT (including legacy devices and smart sensors), and on-premise and virtualized networks.
“I’m really excited about how much R&D Darktrace is putting into their platform,” said Bobby Garrett, IT Director, Gray, Gray & Gray.
Matt Wood, Manager of Global Information Security at Trek Bicycle Corporation, commented: “Darktrace has a great platform and it’s great to see the AI continue to evolve. Nobody else is doing this today.”
Highlights of Version 4’s new features include:
Cyber AI Analyst
Cyber AI Analyst combines analyst intuition with AI to automate threat investigations at a speed and scale that no human could. By reducing the time to triage by 92%, the Cyber AI Analyst augments human teams and buys back time for more strategic work. Read the full press release
Cloud and Container Security Enhancements
Darktrace now offers native support for AWS VPC Traffic Mirroring and Azure’s vTAP. Darktrace customers can benefit from real-time coverage of cloud workloads in AWS and Azure, without having to rely on sensors or capture agents. For organizations that use containerized systems such as Docker or Kubernetes, Darktrace’s self-learning AI can now better model individual containers and ephemeral workloads.
Antigena Control
The launch of Version 4 comes with a robust expansion of Antigena configuration options, including enhanced, granular control across network, cloud, and email and improved flexibility to define what Antigena will do in response to a given threat.
Mobile App Upgrade
Improvements to the Mobile App include real-time push notifications, reduced complexity and configuration, and new pages that support ‘Incidents’ generated by the Cyber AI Analyst, allowing organizations to monitor the output of Darktrace’s AI or interact with Antigena while on the move.
Executive Reporting
Executive Threat Reports allow security teams to share threat trends and other Darktrace findings in an accessible format with the rest of the business. New metrics and reporting features have been added in light of the shared best practices of leading CIOs and CISOs in the Darktrace Community, enabling organizations to learn from their peers and more effectively communicate their risk posture over time.
ServiceNow Integration
Customers will be able to feed Darktrace incidents into their ServiceNow ticketing system for review, and also pivot back in to the Threat Visualizer to drill down and investigate the context around each event. Custom Darktrace entries can be reviewed via a Darktrace dashboard, which will become available in the ServiceNow App Store.
* Other Cambridge Network members who made the Sunday Times Hiscox Tech Track 100 list were Featurespace, Azuri Technologies and Endomag