DARKTRACE

// The Enterprise Immune System

The Enterprise Immune System is a self-learning cyber AI technology that detects novel attacks and insider threats at an early stage.

Modeled on the human immune system, the Enterprise Immune System learns and understands ‘self’ for everyone and everything in the business, and can spot the subtle signals of an advanced attack — without relying on rules, signatures, or prior assumptions.

The Enterprise Immune System detects subtle signs of emerging threats in real time.

Learning ‘On the Job’

The Enterprise Immune System uses unsupervised machine learning and AI to understand all about your organization. Observing your users and devices, cloud containers and workflows, it learns ‘on the job’ what is normal for your organization.

Unlike traditional approaches that rely on blacklists, rules and signatures, the immune system approach learns from your data – forming a bespoke and evolving understanding of your digital environments. This unique approach enables Darktrace to detect the most sophisticated and stealthy cyber-threats that other tools miss.

Whether a new strain of ransomware or an emerging insider attack, the Enterprise Immune System detects the threat at its earliest stages.

Protection Across Your Enterprise

Cyber-threats can emerge anywhere – in your cloud or on SaaS, via email or on IoT devices on your network.

The Enterprise Immune System shines a light into all these environments, including Salesforce, Office 365 & SharePoint, AWS and Microsoft Azure.

This means that organizations benefit from a unified view of their entire digital estate – not just part of it – and can tackle emerging threats quickly.

Key Benefits

Self-learning detection

Learns ‘on the job’ and adapts continuously

Automated analysis

AI Analyst generates threat reports in seconds

100% visibility

Protects cloud, SaaS, email, OT and on-prem

Fast install

No manual configuration

Darktrace represents a new frontier in AI-based cyber defense. Our team now has complete, real-time coverage across our SaaS applications, cloud containers, and city-wide distributed sensors.

Michael Sherwood, Director of Innovation & Technology, City of Las Vegas

Proven to Protect

  • The Enterprise Immune System

    Malicious Insider in the Cloud

    One Microsoft 365 account was used in a brute force attack against a bank in Panama, with logins originating from a country that deviated from the normal ‘patterns of life’ of the company’s operations. Darktrace then detected highly unusual changes to account privileges, prompting it to alert the security team to a case of SaaS account takeover.
  • The Enterprise Immune System

    SaaS Account Brute Forcing

    One Microsoft 365 account was used in a brute force attack against a bank in Panama, with logins originating from a country that deviated from the normal ‘patterns of life’ of the company’s operations. Darktrace then detected highly unusual changes to account privileges, prompting it to alert the security team to a case of SaaS account takeover.
  • The Enterprise Immune System

    Biometric Fingerprint Scanner Targeted

    At a multinational manufacturing company, an attacker exploited known vulnerabilities to compromise a biometric scanner, which was used to restrict access to machinery and industrial plants. The attacker subtly changed the biometric data in a suspected attempt to gain access to the highly secure facilities. While the compromise bypassed standard signature-based solutions, Darktrace AI instantly detected the anomalous behavior.
  • The Enterprise Immune System

    Compromised Smart Fish Tank

    At an entertainment corporation, Darktrace detected anomalous data transfers from a recently installed high-tech fish tank to a rare external destination. By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. However, the external data transfers were deemed highly unusual by Darktrace’s AI, which proceeded to help the security team shut off the threat.