What’s New
Technology
Products
Blogs
Resources
Company
English
Legal
Technology
Self-Learning AI
Autonomous Response
Intelligence Augmentation
Attack Path Modeling
Cyber AI Research Centre
Products
Enterprise Immune System
Industrial Immune System
Darktrace Antigena
Cyber AI Analyst
Darktrace for Cloud
Darktrace for SaaS
Darktrace for Email
Darktrace for Endpoint
Darktrace for Network
Darktrace for OT
Darktrace for Microsoft
Darktrace for Ransomware
Integrations
Blogs
Darktrace Blog
Inside the SOC
Resources
Upcoming Events
On-Demand Events
Industries
Videos
White Papers
Data Sheets
Case Studies
Third-Party Reports
Company
Company Overview
Investors
In the News
Press Releases
Darktrace Community
Darktrace Education
Awards
Partners
Executive Team
Subject Matter Experts
Board of Directors
Advisory Council
Careers
Contact
Deutsch
English
Español
Français
Italiano
Português
日本語
한국어
What’s New
Technology
Products
Blogs
Resources
Company

Darktrace Antigena

Powered by Self-Learning AI, Darktrace Antigena takes targeted, proportionate actions in response to cyber-attacks, without disrupting day-to-day business.

Arrange trial

Interrupts emerging attacks by enforcing ‘normal’

Constantly updates its understanding of your organization’s ‘pattern of life’

Stops ransomware in under a second

Attacks are interrupted at multiple stages of the attack lifecycle

Targeted and proportionate

Takes precise action to contain the threat, without disrupting normal operations

You can’t predict what the next attack will look like

The hallmarks of an attack are constantly changing. Pre-programmed response tools rely on knowledge of past attacks to stop new threats – meaning they are blind to novel malware and new attack techniques.

Leveraging Darktrace’s dynamic understanding of ‘self’ across an organization, Autonomous Response takes appropriate actions that stop new and sophisticated threats from developing, without disrupting normal business operations.

Why Autonomous Response has become critical

Attacks are getting faster
‘Smash and grab’ tactics are rising again
Deliberate ‘out of hours’ strikes
Threat actors attack at weekends, when they know human response times are slower
Disruption is not an option
Stopping cyber-threats cannot come at the expense of normal operations
Overstretched security teams
Incidents are not discovered until it is too late
Takes the least aggressive action needed

Its evolving, real-time knowledge of your digital estate enables Darktrace Antigena to target only the malicious behavior, allowing normal activity to continue. As time goes on, it continues to monitor the incident in case the attacker changes tactics and further intervention is needed.

Build trust in the AI

Antigena can be configured to suit your security maturity and business needs. As the AI becomes familiar with the digital environment and the user builds trust in the decision-making, many operators switch from Human Confirmation to full Autonomous Mode within weeks.

Stops attacks at every stage

Cyber-attacks like ransomware have multiple stages – and Antigena intervenes at every step: from initial intrusion (via email phishing or a malicious software download) to lateral movement, data exfiltration and encryption.

Actions that Antigena can take include:

  • Blocking unusual connections
  • Locking links and attachments in email
  • Forcing SaaS account logouts across multiple devices
  • Enforcing the ‘pattern of life’ of a device
  • Quarantining endpoint devices where necessary

Darktrace Antigena operates across your entire digital estate

Network
Neutralizes the full range of cyber-threats that have breached your perimeter, including ransomware and ‘unknown unknowns’.
Cloud
Neutralizes fast-moving threats in AWS, Microsoft Azure, and other cloud infrastructure.
Email
Takes autonomous, targeted action to neutralize advanced phishing and spoofing, including supply chain attacks.
Applications
Responds to account takeovers and data loss in cloud applications like SharePoint and Microsoft Teams.
Endpoints
Protects employees wherever they are in the world, taking action to contain threats targeting endpoints operating outside of the network and VPN.
OT
Antigena can stop attacks that may go on to disrupt cyber-physical operations by intervening at the higher levels of the Purdue model, where desired.

Stay in the loop with the Mobile App

Full oversight of Antigena’s actions is provided through Darktrace’s Threat Visualizer interface, and via the Darktrace Mobile App.

Next: Cyber AI Analyst