Enterprise Immune System
Photo Gallery
 |
 |
Enterprise Immune System
Additional Info
| Company | Darktrace |
| Website | http://www.darktrace.com |
| Company size (employees) | 200 |
| Type of solution | Software |
Overview
Darktrace’s Enterprise Immune System is inspired by the biological principles of the human immune system, which takes for granted that compromise is inevitable, and deals with this situation by being able to learn ‘self’ and proactively detect potential viruses or bacteria, and thereby ward off illness. Thanks to major advancements in the power of machine learning and mathematics, Darktrace has built a system that is capable of learning ‘self’ for organizations, and dynamically detect potential threats as they emerge – and while there is still time for the organization to respond and defend themselves.
The Enterprise Immune System works by observing large volumes of data within networks, and ‘learning’ the pattern of life for every device and individual user of the organization, using advanced mathematical models and algorithms, in an adaptive manner. It also employs powerful correlation techniques to classify and cross-reference these models, in order to establish a highly accurate understanding of what constitutes ‘normal’ or ‘abnormal’ at any one time.
In achieving this understanding of an organization’s ‘self’, Darktrace can thereby spot new, emerging behaviors that fall outside this pattern of normality, which may be indicative of serious threat or an in-progress attack. Drawing on probabilistic Bayesian mathematics, the Enterprise Immune System constantly calculates probabilities based on evolving evidence. This means that threats or attackers that have not previously been identified can still be detected – including insider threat, which is notoriously difficult to identify, because it is perpetuated by supposedly trusted users.
Detecting mathematical anomalies in real time, Darktrace issues alerts to organizations about genuinely suspicious incidents that are occurring on their networks, allowing them to take proactive measures to mitigate the risk. The ability to spot not only known malicious software, but also completely novel and evolving attackers helps organizations defend against the most sophisticated and stealthy threats.
How we are different
• Allows organizations today to rely on a self-sustaining, self-learning system to constantly monitor network activity, giving them the confidence of understanding what is happening and where to focus human resources.
• The Enterprise Immune System is designed to be used by senior business leaders, as well as technical specialists. With this in mind, Darktrace’s Threat Visualizer interface provides a 3D visual overview of all digital interactions happening within a business in real time, and exposes Darktrace’s threat alerts. The Visualizer is a critical tool in helping non-experts to understand the threat level that the organization faces at any one time, and is also used by specialists to conduct deep investigations in incidents that have been uniquely detected by Darktrace, and help them see why and where anomalous behaviors have occurred.
• Darktrace provides the most advanced and automated way to accurately spot cyber-attacks while they are still in-progress inside an organization, and while there is still time to act. Combining its technical specialists in the UK and leading mathematical research, the innovation of the Enterprise Immune System is today fundamentally allowing organizations to keep up with a perpetually evolving threat landscape, irrespective of who is behind the attack, what their methods are, or where they may strike.
