What’s New
Technology
Products
Blogs
Resources
Company
English
Legal
Technology
Self-Learning AI
Autonomous Response
Intelligence Augmentation
Attack Path Modeling
Cyber AI Research Centre
Products
Enterprise Immune System
Industrial Immune System
Darktrace Antigena
Cyber AI Analyst
Darktrace for Cloud
Darktrace for SaaS
Darktrace for Email
Darktrace for Endpoint
Darktrace for Network
Darktrace for OT
Darktrace for Microsoft
Darktrace for Ransomware
Integrations
Blogs
Darktrace Blog
Inside the SOC
Resources
Upcoming Events
On-Demand Events
Industries
Videos
White Papers
Data Sheets
Case Studies
Third-Party Reports
Company
Company Overview
Investors
In the News
Press Releases
Darktrace Community
Darktrace Education
Awards
Partners
Executive Team
Subject Matter Experts
Board of Directors
Advisory Council
Careers
Contact
Deutsch
English
Español
Français
Italiano
Português
日本語
한국어
What’s New
Technology
Products
Blogs
Resources
Company

When attackers strike, Autonomous Response
fights back on your behalf

Fast-moving cyber-attacks like ransomware can strike at any time, and security teams are often unable to react quickly enough. Autonomous Response uses Darktrace’s understanding of ‘self’ to take targeted action to stop in-progress attacks, without disrupting your business.

Responds with surgical precision

Powered by Self-Learning AI, Autonomous Response knows exactly the right action to take, at the right time, to contain an in-progress attack. The actions are precisely calibrated to ensure that the intervention is minimal, avoiding any disruption.

Protects the entire digital estate

Regardless of time or day, or where the attack comes in — through cloud, SaaS, email, or the corporate network — the AI takes precise action to neutralize threats on behalf of security teams.

Buys back time and frees up humans

Autonomous Response gives security teams peace of mind. The AI intervenes in escalating cyber incidents in seconds, and allows your people to focus on higher-value tasks.

Builds cyber resilience over time

When a cyber-threat emerges, Autonomous Response enforces the ‘pattern of life’ of the infected device or entity. Because Self-Learning AI continually enhances its understanding of your digital infrastructure, it constantly improves the precision of its response over time.

“Autonomous Response technology combats the most sophisticated ransomware attacks out there and allows us to continue normal business operations uninterrupted.”
CSO, Sunlife

Contains ransomware at every stage

Initiation
At the email layer, Darktrace can lock malicious links, convert or strip attachments, or hold emails back. It takes the least aggressive action necessary to contain the threat, without disrupting the business.
Establish foothold and beaconing (C2)
As the attacker attempts remote control, Darktrace detects anomalous connections and suspicious file downloads, enforcing the device’s ‘pattern of life’ or blocking specific connections — even if domains, file hashes and IP addresses have never been seen before.
Lateral movement
Darktrace stops lateral movement – even if the attacker uses ‘living off the land’ techniques – by detecting chains of subtle anomalies which may include unusual SMB/RDP sessions and network scans. It blocks anomalous connections, meaning the attack goes no further.
Data exfiltration
With double extortion ransomware on the rise, Autonomous Response stops attackers from exfiltrating sensitive data data by blocking unusual data transfers that fall outside a device’s ‘pattern of life’.
Data encryption
Autonomous Response stops encryption without impacting normal business operations with action that can be taken independently or via integrations with native security controls.

By understanding how your organization behaves, Autonomous Response stops ransomware at every stage and prevents cyber disruption.

Darktrace Antigena

Autonomous Response is the underlying technology that powers Darktrace Antigena – a product family that takes targeted action to contain cyber-threats wherever they strike – across cloud infrastructure and applications, email systems, endpoints, and the corporate network.

Discover the product
Next: Intelligence Augmentation