
How Self-Learning AI scaled to secure Cradlepoint’s SaaS environments

Brandon Ashey, Director of IT and Security at Cradlepoint (Guest Contributor) | Wednesday March 3, 2021

Cradlepoint is a world leader in Wireless WAN connectivity. Its wireless edge solutions use 4G LTE and 5G cellular networks to help businesses connect people, places, and things to the cloud and critical applications. Our software-based 4G and 5G routers are used by more than 25,000 businesses and government agencies around the world. Cradlepoint technology is everywhere — you’ve likely interacted with it without even knowing. From being used on municipal buses and regional trains providing Wi-Fi, to being embedded in police vehicles and fire trucks providing reliable, secure connectivity, Cradlepoint has a wide range of deployments.

Being a cloud-based company, some of Cradlepoint’s most sensitive assets — including our customer data — are stored and shared across SaaS applications. With SaaS account takeover and increasingly sophisticated phishing attacks becoming more of a threat to businesses, we were looking for a single solution that could deal with both threat vectors. With Darktrace’s AI, our entire Microsoft 365 environment feels secure from the full range of attacks.

Extending Darktrace’s coverage to email

We began our journey with Darktrace in 2018 and were quickly impressed with the AI’s ability to swiftly detect and neutralize a range of cyber-threats. With a general increase in the sophistication of attacks over the years, especially the prevalence of stealthy bitcoin mining malware that more and more companies are being hit by, we wanted to make sure we had a premier solution known for catching and triaging these events. With Darktrace, we are getting fully generated incident reports, surfacing all the relevant information for us on a single screen. What would normally take my team hours or days to triage and investigate is taken care of in minutes.

After being impressed by Darktrace initially, we decided to extend visibility into email and SaaS – two increasingly critical areas of our business. After three years of trialing various tools to target email attack prevention, we had pretty much exhausted all the traditional options available to secure our environment. And it wasn’t enough.

So when Antigena Email came along – a solution that uses that same self-learning AI and leverages insights from across the business – we had to try it out. We got it set up and running in five minutes, and from the first week it really impressed us. We have had, and continue to see, tremendous results as it catches everything from phishing attempts to spoofing attempts and more.

Spotting account takeovers with Darktrace’s SaaS connectors

Along with Antigena Email, we implemented Darktrace’s SaaS connectors, which gave us amazing visibility across our full Microsoft 365 environment, as well as our CRM, Salesforce. Our previous authentication approach wasn’t enough on its own to secure these environments, and with more companies experiencing account takeovers, we wanted to get in front of it and be confident we had full oversight of this threat vector. Once inside an email account, for example, attackers can gather and exfiltrate sensitive customer data, and use the account as a springboard for further malicious emails.

Working in tandem, Antigena Email and Darktrace’s Microsoft 365 SaaS connector together give us confidence that cases of account takeover will be detected, investigated, and neutralized, before any damage is done.

In the current working conditions, people are using email, CRMs and CMSs more than ever to store and share sensitive files; with Darktrace, I can monitor all that from a single user interface, or on the fly from the Darktrace Mobile App. Because the technology is self-learning, it’s low-maintenance – but when we do need to step in, we can do so with a single touch or click.

Cyber AI supports organization-wide security strategy

Like most companies right now, the majority of our employees are working from home. Our digital infrastructure has rapidly changed. Much of our intellectual property is shifting from our headquarters to remote endpoints. Darktrace will continue to be a crucial partner as we rethink how our users operate. What the ‘new normal’ will look like is yet to be established: the only certainty is uncertainty, and I am sure our digital landscape will continue to change in the months ahead. Having a cyber defense technology that evolves with us allows Cradlepoint to ride the storm, confident in the safety and integrity of our data.