Darktrace for Cloud
Darktrace for Cloud brings Darktrace’s Self-Learning AI to hybrid and multi-cloud environments.
VPC Traffic Mirroring allows Darktrace to build rich behavioral models for unique AWS environments
Continuously analyzes all Azure cloud traffic via lightweight, host-based server agents
Google’s Packet Mirroring gives Darktrace total coverage across all Google Cloud services
Self-learning cloud security
Powered by Self-Learning AI, Darktrace for Cloud learns the normal ‘patterns of life’ for users, devices, containers, and instances from scratch in order to detect and respond to unknown and unpredictable cyber-attacks.
Thrives in complexity
Self-Learning AI is agnostic to different data forms and continuously revises its understanding of ‘normal’ across multiple cloud workloads in real time.
Responds in seconds
Darktrace’s continuously evolving understanding allows it to detect subtle deviations indicative of a threat, and take targeted and surgical action to contain the threat at machine speed.
The Darktrace Immune System protects your dynamic workforce across every environment, from email, SaaS, and cloud infrastructure to the corporate network, OT, IoT, and the endpoint.
This allows Darktrace to recognize that actions which appear benign in isolation can point to a greater picture of threat.
For example, the AI can understand how a user login in AWS is linked to highly unusual login activity on that same user’s Microsoft 365 account moments earlier.
In such a case, Darktrace would immediately realize that an account takeover had occurred and autonomously stop the threat.
Self-Learning AI: use cases
Detects anomalous device connections and user access, as well as unusual resource deletion, modification, and movement
Catches unusual permission changes, and anomalous activity around compliance-related data or devices
Spots brute force attempts, unusual login source or time, and unusual user behavior including rule changes or password resets
Identifies the subtle signs of malicious insiders – including sensitive file access, resource modification, role changes, or adding/deleting users
As working patterns continue to evolve, Darktrace provides visibility over the remote business, detecting everything from account takeovers to advanced phishing attacks. This blog discusses how Cradlepoint utilizes Self-Learning AI to secure its SaaS environments.