Antigena Network

Antigena Network is the world’s first Autonomous Response solution for the enterprise. Powered by self-learning AI, it is the only solution that can interrupt attacks at machine speed and with surgical precision, even if the threat is targeted or entirely unknown.

By taking swift and targeted action, Antigena Network stops emerging threats that other tools miss. The technology provides 24/7 coverage of your entire workforce, when security teams are overwhelmed or simply aren’t around.

It takes an average of 2 seconds for Antigena to stop an emerging cyber-threat.

Autonomous Response AI Decision-Making

Antigena Network takes intelligent action to neutralize cyber-threats and maintain your key security objectives. Crucial for defending against stealthy, novel, and fast-moving attacks, Antigena reacts in seconds, giving your security team time to catch up.

Unlike legacy defenses, Antigena Network can deliver intelligent Autonomous Response because its actions are grounded in Darktrace’s core AI engine, whose decisions are:

  • made in real time
  • aware of subtle deviations that reveal novel or targeted attacks
  • continuously evolving based on active observation of attacks as they unfold
  • informed by correlation of patterns across the network, not single data points
  • based on a deep understanding of the particular organization

Key Benefits

  • Stops every attack: from targeted campaigns to ‘unknown unknowns’
  • Surgical response: sustains normal operations across the business
  • Action in seconds: neutralizes attacks spreading in real time
  • Full oversight: mobile alerts when Antigena steps in

“The next phase in our journey towards autonomous security is autonomous response decision-making.”
Lawrence Pingree, Research VP, Gartner

Unified Coverage Across Your Entire Network

Antigena Network delivers Autonomous Response across your entire business, providing bespoke protection across IoT devices, industrial control systems, and on-premise infrastructure. While each response is grounded in Darktrace’s self-learning AI, the actions it can take fall into one of two broad categories of response:

Tactical Response

With Tactical Response, Antigena Network generates self-directed actions that neutralize attacks in seconds.

Each response is surgical and anchored in the system’s granular understanding of ‘normal’ for the entire organization. This allows Antigena Network to reliably judge which events merit autonomous response, and also maintain ‘business as usual’ by enforcing the normal ‘pattern of life’ of an infected device or compromised user.

Strategic Response

With Strategic Response, Antigena Network acts as the ‘AI brain’ of the entire security stack, leveraging high-confidence detections to hand off and integrate with inline defenses as a mechanism for response.

Through active integrations, Antigena Network can seamlessly plug into and enhance your existing ecosystem, informing firewalls and network devices about attacks that have gotten through.

Mobile phone displaying a prioritized list of threats to the organization.

AI That Fits Your Business

Antigena can be used in a variety of ways to match your specific business and workforce needs — whether that means only enabling active mode on the weekends, or just in certain areas of the organization.

Antigena can further be adjusted to treat different high-risk employees and devices differently, depending on your desired use cases and risk appetite.

Easy Control with our Mobile App

With the Darktrace Mobile App, you can leverage the power of Antigena on the go. Whether you’re out of the office or simply don’t have time to check on every action, our App makes it easier than ever to gain complete oversight and control.

“Darktrace Antigena can autonomously and precisely contain in-progress attacks far quicker than our human team can, and ensures our operations stay on track.”
Shane Silcox, Information Systems Manager at Layton Construction

Proven to Protect

Zero-Day Ransomware Neutralized

Antigena Network stopped a previously unknown ‘zero-day’ ransomware attack targeting an electronics manufacturer, after detecting a large number of unusual SMB connections and anomalous reverse DNS lookups. Antigena Network kicked in a second later, enforcing the usual pattern of life by blocking anomalous connections, immediately stopping the encryption without relying on rules, signatures or historical data.

Targeted Action on Compromised Security Camera

At a financial services firm, Antigena Network prevented a serious breach of sensitive information when an Internet-connected CCTV camera was targeted by an attacker as the entry point to the network. The threat actor immediately began attempting to move massive volumes of data to and from the unencrypted CCTV server. Antigena surgically blocked data movement from the device to the external server, while sustaining the camera’s normal function.

Antigena Prevents IoT Data Exfiltration

At an amusement park in North America, a threat actor attempted to steal sensitive customer data via a vulnerable IoT device: a ‘smart’ locker used by visitors to store personal belongings. This ‘low and slow’ attack successfully evaded rules-based security defenses, but Antigena spotted an unusual quantity of unencrypted data being sent to a rare external site and blocked all outgoing connections from the compromised device.

Insider Threat Contained

Darktrace’s AI neutralized a malicious insider at a major investment firm in South Africa after it witnessed a laptop connecting to hundreds of internal IP addresses and then moving multi-purpose script files using a remote-administration tool. Based on its dynamic evaluation of the threat, Antigena Network blocked all outgoing connections from the laptop, instantly containing any lateral movement.