Darktrace Cyber AI Platform

Additional Info

Company size (employees)1,000 to 4,999
Type of solutionHybrid


Business spend an average of $11 million on insider-related security incidents. Comprising a third of all breaches last year, insider-related attacks remain a constant threat to the modern enterprise. Some of the biggest breaches in recent history were caused by malicious insiders. Whether malicious or accidental, insider threat fundamentally evades most traditional security tools, which are often designed only to prevent outsiders from infiltrating.

A disgruntled employee can leverage their access, effectively invisible to security measures, because they are already on the inside of a security system designed to keep threats out. Perimeter tools that sit on the digital borders of networks are blind to threats that arise from anywhere else inside the infrastructure. Detecting true threats as they arise requires a context-rich understanding of the activity of all users across the environment.

Cyber AI is the only tool that can detect the subtle deviations in user activity that reveal insider threat. Leveraging unsupervised machine learning, the Darktrace Cyber AI Platform takes into account many dimensions of data to understand the relative risk of user behavior. The more anomalous behavior is, the higher the risk it presents. As abnormal activity emerges on the infrastructure, Darktrace alerts on it immediately, early enough to prevent significant damage.

“When the Enterprise Immune System identified an emerging insider threat incident, it was all the proof we needed,” says Nitin Arneja, Director of Information Systems at ZPower. “Darktrace provided more visibility and better anomaly detection capabilities than any other tool on the market.”

How we are different

• Insider threat presents serious risk—insiders wield privileged power in enterprise infrastructures.
• Elusive to detect, traditional security tools are often blind to the subtle manipulations characteristic to insider attacks. Darktrace, by learning normal user activity ‘on the job’, immediately flags divergent behavior.
• Darktrace guards its thousands of customers against insider threats: from sequestering advanced phishing campaigns from employee inboxes to detecting the subtle activity of the onset of malicious insider attack.