Technology
Products
Resources
Company
English
Technology
Products
Blog
Resources
Company

Vulnerability tracking, patching and threat intel: A legacy approach

Most current ICS security technology typically focusses on “reactive defense against known threats with limited capabilities to detect threats based on behavior rather than pre-defined indicators.”

Many advisories for ICS devices have no practical mitigation advice, and over a fifth of reported CVEs do not even include a patch. Most vulnerability management workflows are a process of diminishing returns.

Signature and rules-based technologies, as well as evidence-based threat detection such as vulnerability tracking and threat feeds, remain blind to unknown attacks by unknown actors.

Darktrace AI applies multiple layers of machine learning for threat detection and investigation.

Darktrace: A self-learning approach

Darktrace provides continuous detection, full visibility, actionable insights, and, where appropriate, autonomous response for diverse and complex ICS ecosystems.

Rather than relying on pre-defined IoCs or external threat feeds, Darktrace harnesses Self-Learning AI to continuously learn the ‘pattern of life’ for everything in the cyber-physical system, identifying deviations indicative of an emerging attack.

Defense at every layer

Darktrace for OT defends all the way down to Level 1 devices in the Purdue model, and indirectly into Level 0.

It also covers all higher Purdue levels, from supervisory functions, business logistics and enterprise networks beyond into cloud and SaaS. The AI technology also provides visibility into and around the DMZ.