Overview

Universal migration to the cloud continues to bring unprecedented opportunities for digital efficiency and collaboration to modern business. Now, most organizations—over 96% of them—use cloud computing in some capacity. This complex, dynamic technology is now mainstream. But so are the security vulnerabilities unique to this environment. Attacks that originate on the cloud, like 2019’s Capital One breach, are often incredibly severe, with attackers rapidly accessing large amounts of sensitive data.

Conventional cloud security tools, like CASBs and CWPPs, are rooted in the legacy approach to cyber security that catches threats based on historical attacks. Predetermined ‘rules and signatures’ are used to catch only those threats that had to have been seen before. In addition to being blind to zero-day threats, cloud specific tools lack the critical ability to correlate information from the enterprise’s other digital environments and user activity. To protect any digital environment, tools need to be able relate context and activity across all topologies entirely.

Instead of emulating these flawed security conventions, Darktrace pioneers a fundamentally unique approach to securing cloud environments. Rather than predefining what constitutes a threat using fixed rules and signatures, Darktrace Cyber AI leverages artificial intelligence to learn the typical ‘pattern of life’ of every user, device, and container it defends while ‘on the job’. This continuously refined sense of ‘self’ enables the technology to flag the subtle behavioral anomalies that accompany the full range of cyber-risks and cyber-attacks — whether known or unknown.

“Before Darktrace, our internal activity and lateral movements in the cloud were completely invisible,” said Damien Marle, Director of IT at TRJ Télécom. “When we activated Cyber AI, it was like flipping on a switch in a dark room. The AI provides complete visibility of our cloud infrastructure, allowing us to monitor activity across our locations in one view.”