The Industrial Immune System
Darktrace’s Industrial Immune System illuminates even the most complex cyber-physical ecosystems, detecting novel threats and vulnerabilities, and safeguarding the integrity and resilience of industrial technologies.
Continuously revises understanding of ‘normal’ with no tuning necessary
Gain unparalleled visibility of OT, IT and industrial IoT
Protocol and operating system agnostic
Catch today’s attackers — and tomorrow’s
Powered by Self-Learning AI, the Industrial Immune System identifies both fast-moving and stealthy threats in real time — regardless of whether they have been seen before.
Protecting ICS environments globally
From major manufacturing plants to power stations, transportation grids, and all other forms of critical national infrastructure, the Industrial Immune System delivers autonomous protection.
Darktrace’s technology is unique for each particular cyber-physical ecosystem — crucially, without the need for constant tuning and manual configuration.
With Cyber AI Analyst, Darktrace stitches together disparate threat alerts across the digital infrastructure into a single security incident, automating the threat investigation process. It also generates natural-language reports suitable for executive review, helping to bridge the skills gap between OT and IT.
Darktrace automatically generates a database of all devices in OT and cyber-physical environments. It identifies assets such as PLC, SCADA, HMI, IIoT, and other bespoke technologies. Asset identification can be passive or active, depending on suitability.
OT Engineer Dashboard
Intuitive and easy-to-use, the OT Engineer Dashboard surfaces only the most operationally relevant alerts. It displays an optimized overview of security events, with intuitive, easy-to-use pathways that pivot to in-depth analysis and forensics.
The Industrial Immune System caught a simulation of a state-of-the-art attack at a major international airport in Europe. Legacy security tools failed to pick up on this activity, as the attacker used legitimate tools in order to blend into the environment and evade detection. Darktrace, however, was able to identify unusual commands used by the attacker within those ‘normal’ connections, and launched an automated investigation in real time.