Darktrace applies the biological principals of the human immune system to the challenge of protecting the enterprise from advanced cyber-threats. The company’s vision is to use cutting-edge technology to help organizations detect abnormal behavior within their networks in real time, before these incidents develop into damaging cyber-attacks.
Enterprise Immune System
Darktrace’s award-winning Enterprise Immune System technology is uniquely capable of detecting the most subtle cyber-threats within the network, including insider threat. Powered by advanced machine learning and mathematics, the Enterprise Immune System automatically and adaptively learns a normal ‘pattern of life’ for every user, device and network, in order to detect emerging behaviors that represent real threats. This self-learning technology provides corporations with comprehensive visibility into their networks’ activity, allowing them to proactively respond to threats and prevent damaging cyber-attack.
Why is machine learning and mathematics important for cyber security?
The legacy approach of surrounding your information with higher and higher walls is not suﬃcient against today’s threat landscape. New advances in machine learning and mathematics, developed at the University of Cambridge, have allowed a new era of cyber security, which takes for granted that threat is permanently inside the network. Instead of pre-deﬁning ‘bad’ behaviors and relying on prior knowledge about previous attack methods, a machine learning approach is capable of automatically modeling and clustering information dynamically and at speed. This means it can proactively suggest areas of abnormality or suspicion that should be investigated by the organization.
Darktrace brings together:
• World-class mathematicians and machine learning specialists
• Government intelligence experts
• Experienced technologists and enterprise software professionals
What Darktrace Does
Darktrace’s Enterprise Immune System Technology is uniquely capable of:
• Detecting mathematical anomalies within the network
• Learning normal and abnormal behaviors in real time
• Addressing insider and external threats
• Protecting both enterprise and Industrial Control System networks (including SCADA)
Darktrace Fast Facts
• 1000+ deployments
• 144 global partners
• 20 global oﬃces
• 230+ employees
• Gartner ‘Cool Vendor’ 2015
• Queen's Award for Enterprise in Innovation 2016
• ‘Best Security Company of the Year’ at Global Excellence Awards 2016
• World Economic Forum 'Technology Pioneer' 2015
• Headquartered in Cambridge, UK and San Francisco
Darktrace Proof of Value
What is a Proof of Value?
A Proof of Value (POV) is a unique, easy four-week trial that allows you to evaluate Darktrace’s Enterprise Immune System and Threat Visualizer within your own environment. The POV allows organizations to understand why some of the world’s leading companies are relying on Darktrace to gain unprecedented visibility into their networks and detect emerging cyber threats within their systems in real time – before they develop into damaging incidents. Darktrace’s experienced team will install an appliance within your environment in just one day, and give you access to the groundbreaking Threat Visualizer interface. During the POV, you will also receive detailed updates on what Darktrace detects, produced by world-leading cyber analysts.
Why do a POV?
Achieve Global Visibility
Today’s networks are large, busy and complex, making it very difficult to work out what is going on, where and how, at all times.
Darktrace uniquely models, maps and visualizes your entire network, down to device and user level, giving you a unique and intuitive overview of what is going on within your organization.
• See what your network and interactions really look like
• Have the ability to ‘zoom in’ on parts of your infrastructure, by network, device or user
• Understand your own organization better than adversaries do
Detect Threats That You Did Not Know Existed
Darktrace’s unique immune system approach is powered by fundamental machine learning and probabilistic mathematics. It does not rely on signatures, rules or a priori knowledge of threats or your environment. The technology constantly learns what is ‘normal’ activity in network environments, correlating multiple weak indicators in order to form an accurate understanding of normal and abnormal behavior.
• Find anomalies and threats that you did not know existed – Darktrace’s machine learning and mathematical approach works from day one, and is constantly learning in order to detect unusual behaviors, without any a priori knowledge
• Understand what your top security priorities are – Darktrace lets you see and act on the top threats to your organization, without getting distracted by the noise of the network
• Take timely action to minimize risks to your organization and curb malicious or harmful behaviors
Threat Intelligence Reports
A Darktrace POV includes three weekly Threat Intelligence Reports that will explain and detail the most salient anomalies that the Enterprise Immune System finds, as determined by Darktrace’s expert analysts. Darktrace employs some of the world’s leading cyber intelligence and security professionals. Darktrace’s cyber threat analysts typically have strong government intelligence backgrounds, from the NSA, GCHQ, MI5 and other intelligence agencies, with unprecedented, real-world experience of encountering and defending against some of the most persistent and pernicious cyber threats and attackers.
• Benefit from the expert analysis of the world’s leading cyber threat analysts
• Collaborate directly with Darktrace analysts to understand the unique findings of the Darktrace appliance
• Receive weekly Threat Intelligence Reports from the second week onwards, providing tailored analysis of your environment’s top threats based on the investigations of lead cyber analysts
• Get expert advice on threat remediation in response to the anomalies detected
How does it work?
1. Installation of the Darktrace appliance
A single Darktrace appliance can be installed in 1-2 hours or less, and uses up to 2U of rack space.
2. Passive data collection
Darktrace uses raw network traffic in order to get maximum visibility of your network and to model your enterprise, devices and users to a high degree of accuracy. Data is passively collected using one of the following methods:
• Port spanning via your existing network equipment
• Insertion or reuse of an in-line network tap
• Access to existing repositories of network data
3. Data analysis and modeling
Darktrace immediately starts ingesting, analyzing and modeling network data. Using its unique, probabilistic and machine learning algorithms, Darktrace establishes a ‘pattern of life’ for the enterprise, as well as every individual device and user, and detects true anomalies. Over the course of the POV, this understanding is constantly refined and revised as the Enterprise Immune System incrementally learns more and more about how your organization behaves.