Darktrace Antigena is the world’s first Autonomous Response solution. Powered by award-winning Cyber AI, it responds to cyber-attacks in a matter of seconds — when security teams are overwhelmed or simply aren’t around.
The technology works like a digital antibody, intelligently generating a targeted and proportionate response whenever a threatening incident arises in network, email or cloud environments.
Every 3 seconds, Darktrace Antigena responds to a cyber-threat.
Autonomous Response AI Decision-Making
Darktrace Antigena takes action against in-progress cyber-threats, stopping them in their tracks before any damage is done. Crucial for defending against fast-moving threats such as ransomware, Antigena reacts in seconds, giving your security team time to catch up without interrupting daily business operations. Its autonomous decisions are:
- made in real time
- repeatedly updated by continued observation of threats as they unfold
- informed by combined behavior, not single data points
- based on the broadest understanding of devices and people in the organization
Antigena is an intelligent decision-making engine that uses your existing security investments and capabilities in order to take action. This results in a step change improvement in ROI from your existing security stack.
Your journey to AI decision-making
Every organization’s journey to Autonomous Response AI is different. But building trust in Antigena is easy — our Mobile App gives you direct oversight and control over any actions taken. You can even start using Antigena during the evenings and the weekend, and build it up from there.
Antigena Use Cases
Available as easy-to-deploy modules, Antigena can react to emerging threats across your digital infrastructure
Antigena Cloud provides 24/7 autonomous protection of your crown jewels and sensitive data in the cloud. It stops insider threats, account takeovers, and critical misconfigurations.
As a cloud-native solution powered by AI, it can continuously analyze behaviors and relationships across diverse cloud platforms and services, from AWS and Azure, to Salesforce, Dropbox, and Office 365. This enterprise-wide context enables the system to only take action on high-confidence threats as they emerge within ephemeral workloads and diverse multi-cloud environments.
Darktrace’s cyber AI technology extends beyond the security that native controls and third-party tools can provide by learning the ‘pattern of life’ for every user, device, and container – without relying on prior assumptions or manual input of known threats.
This evolving understanding of ‘normal’ allows the platform to autonomously respond to never-before-seen external attacks and insider threats in real time.
Antigena Network delivers Autonomous Response AI across the enterprise and Internet of Things. Like a digital antibody, it generates measured and proportionate responses when a significantly threatening incident arises.
Within seconds of detecting a threat, Antigena surgically enforces a device’s normal ‘pattern of life’. It can also integrate with your firewalls or network devices if appropriate.
This autonomous response effectively fights against machine-speed attacks, initiating a range of actions according to the nature and severity of the threat. Antigena can initiate the following actions in just seconds, keeping the digital infrastructure protected even when security teams are out of office:
- Interrupting unusual connections
- Changing and editing permissions
- Temporarily freezing accounts
- Stopping unusually large amounts of data being sent
In every case, the system works by neutralizing threats while sustaining normal operations. Based on its deep understanding of what ‘normal’ looks like, Darktrace Antigena only interrupts threatening activity, giving the security team time to catch up.
Antigena Email allows Darktrace’s cyber AI to neutralize malicious emails in Office 365.
Introducing intelligent autonomous response into the flow of inbound and outbound email traffic, Antigena Email defends the network against malicious emails that evade the email gateway.
Darktrace’s rich understanding of user relationships, communications, and network activity allows Antigena Email to quickly contextualize events, and respond only to genuine threats, stopping them before they reach the user.
Email-borne attacks that Antigena stops include:
- Advanced spear phishing
- Impersonation attempts
- Data loss
- High-risk user behaviors
Crucially, the ability of Antigena to analyze email traffic alongside network traffic gives it a holistic understanding of the digital environment, enabling it to analyze individual emails in context, and initiate proportionate, targeted responses to threatening activity.