A note from Jack Stockdale, Darktrace CTO
As 2021 draws to a close, I wanted to share a recap of new capabilities that were released across the platform, as well as breakthroughs from our Darktrace AI Research Centre. As always, our entire R&D team want to thank you all for your input about how we can continue to enhance our products to support security teams in the day-to-day fight against cyber-threats.
Some key R&D highlights for me include:
- Growing our R&D team, including doubling the headcount of our core development team
- Filing for 11 patents, bringing our total to more than 71 patent applications
- Releasing new ‘Coverage Areas’ including Endpoint and Zero Trust
- Delivering our serverless cloud architecture on AWS and Antigena Email on Azure
- Productization of adversarial research into the initial AI Red Teaming module, delivered to early adopters in December 2021
Darktrace AI Research Centre
Now, I’d like to share some insights into the cutting-edge research taking place in the Darktrace AI Research Centre in Cambridge, UK. This research is important because it’s the innovation that allows our community to outpace adversaries, both now and in the future. The work is led by a team of PhDs and mathematicians with a wide range of experience in various areas.
Much of our latest research is in areas such as Attack Path Modeling, GANs (Generative Adversarial Networks), reduced dimension encoders, natural language/BERT transformers, and time-series/LSTM data for our new Prevent products. Below, I’ve outlined a few areas of core significance:
We’ve been researching how to use AI in an adversarial capacity for many years – originally to verify and improve our AI Detect and Respond defensive products. This research has allowed us to become experts as we start to use AI to proactively analyze cyber risk and test your security teams. GANs and associated methods are fascinating techniques, allowing two competing systems to learn and improve from each other in simulated war games.
Attack Path Modeling
Another area of research has been in developing exciting new modeling and simulation capabilities which will allow any Darktrace system currently performing Detect and Respond to be enhanced into a proactive risk-reducing tool – identifying areas of your digital estate with high or low risk, or areas of potential impact.
AI-Driven Red Team Exercises
Building on the above two areas, we are also researching how we use AI and our unparalleled access to data from across the enterprise – SaaS, Cloud, Endpoint, Networks, Email, etc. – to perform intelligent, continuous simulated attacks against your security team, employees, and infrastructure. While completely safe and controlled, these would simulate genuine, real-world attacks to help automate red teaming in a broad and deep manner.
And while the above is focused on Prevent, we have also been conducting breakthrough research around Detect, Respond, and Darktrace Coverage Areas. In fact, we will soon be launching an area of our website dedicated to some of these research discourses. Below are a few of the titles you may expect to see on this new page:
- A multi-platform approach to Autonomous Response
- Calculating recipient likelihood through classification of historic communication patterns
- Challenges faced by multi-cloud architectures and data segregation in the cloud
- Robust Identification of Ransomware Encryption over SMB
- Transformer-based sequence prediction to identify anomalous SaaS events
As you can see, the team has been very busy to say the least! So, what does the future hold?
Our Vision: A Continuous Cyber AI Loop
At Darktrace, while we started with breakthrough Cyber AI research in Detect and Respond – the ability to identify and autonomously respond to novel threats in real-time – our ambition can best be summarized in our vision to deliver a continuous, self-optimizing AI loop to customers. We have shared this vision, along with an early look at our AI Red Teaming product, at recent Customer Innovation Summits.
On behalf of Darktrace R&D, we are excited to continue to push the boundaries of security innovation, and look forward to exciting new ventures to come. Have a Happy New Year.