Darktrace’s Enterprise Immune System uses proprietary machine learning and AI algorithms to build a so-called “pattern of life” for every network, device, and user within an organization. It then employs correlation techniques to classify and cross-reference these models, establishing a highly accurate understanding of ‘normal activity’ within that particular environment.
From this evolving understanding of ‘normal’, it can then detect potential threats as they emerge in real time. It is a self-contained system and does not rely on rules, signatures, or prior assumptions of known threats. The technology’s total time to install is around one hour and results are produced immediately, without tuning or configuration.
The Enterprise Immune System further employs an autonomous response technology, Antigena, which allows networks to take instant and autonomous action against in-progress cyber-attacks. Antigena takes targeted action, for example slowing down or stopping a compromised connection or device, in order to neutralize threats without impacting normal business operations.
One end user, Michael Sherwood at City of Las Vegas commented, “Darktrace Antigena is the only automated response technology that is capable of fighting the most important battles for us. Using Darktrace’s AI, we can now stop never-before-seen threats in their tracks, allowing us to remain uniquely proactive in the face of a rapidly-changing threat landscape.”
The product also visualizes network activity on a user interface, called the ‘Threat Visualizer’, which makes the network and any detected anomalies fully searchable, and provides comprehensive visibility of both traditional and non-traditional IT.