DARKTRACE
Antigena Network is the world’s first Autonomous Response solution for the enterprise. Powered by self-learning AI, it is the only solution that can interrupt attacks at machine speed and with surgical precision, even if the threat is targeted or entirely unknown.
By taking swift and targeted action, Antigena Network stops emerging threats that other tools miss. The technology provides 24/7 coverage of your entire workforce, when security teams are overwhelmed or simply aren’t around.
It takes an average of 2 seconds for Antigena to stop an emerging cyber-threat.
Autonomous Response AI Decision-Making
The Industrial Immune System is a fundamental AI technology for OT cyber defense. It works by passively learning what ‘normal’ looks like across OT, IT and industrial IoT, allowing it to detect even the subtlest signals of emerging cyber-threats in real time.
This self-learning technology is protocol agnostic and can be deployed across a range of OT environments, providing full coverage of the organization without disrupting daily operations.
Key Benefits
Self-learning detection
Learns ‘on the job’ and adapts continuously
Automated analysis
AI Analyst generates threat reports in seconds
100% visibility
Protects cloud, SaaS, email, OT and on-prem
Fast install
No manual configuration
The next phase in our journey towards autonomous security is autonomous response decision-making.
Lawrence Pingree, Research VP, Gartner
Unified Coverage Across Your Entire Network
Antigena Network delivers Autonomous Response across your entire business, providing bespoke protection across IoT devices, industrial control systems, and on-premise infrastructure. While each response is grounded in Darktrace’s self-learning AI, the actions it can take fall into one of two broad categories of response:
Tactical Response
With Tactical Response, Antigena Network generates self-directed actions that neutralize attacks in seconds.
Each response is surgical and anchored in the system’s granular understanding of ‘normal’ for the entire organization. This allows Antigena Network to reliably judge which events merit autonomous response, and also maintain ‘business as usual’ by enforcing the normal ‘pattern of life’ of an infected device or compromised user.
Strategic Response
With Strategic Response, Antigena Network acts as the ‘AI brain’ of the entire security stack, leveraging high-confidence detections to hand off and integrate with inline defenses as a mechanism for response.
Through active integrations, Antigena Network can seamlessly plug into and enhance your existing ecosystem, informing firewalls and network devices about attacks that have gotten through.
Easy Control with our Mobile App
With the Darktrace Mobile App, you can leverage the power of Antigena on-the-go. Whether you’re out of the office or simply don’t have time to check on every action, our App makes it easier than ever to gain complete oversight and control.
AI That Fits Your Business
Antigena can be used in a variety of ways to match your specific business and workforce needs — whether that means only enabling active mode on the weekends, or just in certain areas of the organization.
Antigena can further be adjusted to treat different high-risk employees and devices differently, depending on your desired use cases and risk appetite.
Darktrace Antigena can autonomously and precisely contain in-progress attacks far quicker than our human team can, and ensures our operations stay on track.
Shane Silcox, Information Systems Manager at Layton Construction
Proven to Protect
Zero-Day Ransomware Neutralized
Antigena Network stopped a previously-unknown ‘zero-day’ ransomware attack targeting an electronics manufacturer, after detecting a large number of unusual SMB connections and anomalous reverse DNS lookups. Antigena Network kicked in a second later, enforcing the usual pattern of life by blocking anomalous connections, immediately stopping the encryption without relying on rules, signatures or historical data.
Targeted Action on Compromised Security Camera
At a financial services firm, Antigena Network prevented a serious breach of sensitive information when an Internet-connected CCTV camera was targeted by an attacker as the entry-point to the network. The threat actor immediately began attempting to move massive volumes of data to and from the unencrypted CCTV server. Antigena surgically blocked data movement from the device to the external server, while sustaining the camera’s normal function.
Antigena Prevents IoT Data Exfiltration
At an amusement park in North America, a threat actor attempted to steal sensitive customer data via a vulnerable IoT device: a ‘smart’ locker used by visitors to store personal belongings. This ‘low and slow’ attack successfully evaded rules-based security defenses, but Antigena spotted an unusual quantity of unencrypted data being sent to a rare external site and blocked all outgoing connections from the compromised device.
Insider Threat Contained
Darktrace’s AI neutralized a malicious insider at a major investment firm in South Africa after it witnessed a laptop connecting to hundreds of internal IP addresses and then moving multi-purpose script files using a remote-administration tool. Based on its dynamic evaluation of the threat, Antigena Network blocked all outgoing connections from the laptop, instantly containing any lateral movement.