The Enterprise Immune System

Book a Free Trial

The Enterprise Immune System is a self-learning cyber AI technology that detects novel attacks and insider threats at an early stage.

Modeled on the human immune system, the Enterprise Immune System learns and understands ‘self’ for everyone and everything in the business, and can spot the subtle signals of an advanced attack — without relying on rules, signatures, or prior assumptions.

Key Benefits

Learns continuously ‘on the job’ and adapts in light of new evidence
Detects and responds to novel attacks and insiders before they do damage
Complete visibility across hybrid, multi-cloud, and IoT infrastructure
Installs in under an hour, requiring no manual tuning or configuration
Darktrace represents a new frontier in AI-based cyber defense. Our team now has complete, real-time coverage across our SaaS applications, cloud containers, and city-wide distributed sensors.
Michael Sherwood, Director of Innovation & Technology, City of Las Vegas

A Cyber Immune System for the Cloud & Beyond

Whilst cloud services and SaaS applications streamline business practices and increase flexibility, they also create dangerous blind spots for security teams.

Darktrace extends visibility into otherwise unseen parts of the network, leveraging cyber AI to protect cloud, SaaS and IaaS environments.

Darktrace Cloud integrates seamlessly with Darktrace Enterprise, and detects threats across all major cloud service providers and SaaS applications, including AWS, Microsoft Azure and Salesforce, as well as combatting malicious emails in Office 365.

Unified View Across Hybrid, Multi-Cloud & IoT Infrastructure

The Enterprise Immune System works by learning the normal ‘pattern of life’ for every user, device, and container in real time, continuously analyzing complex behaviors and relationships across the cloud, IoT, email, and the network.

Unlike pre-programmed solutions, the Enterprise Immune System does not define ‘benign’ or ‘malicious’ in advance, and provides a unified view from which users can investigate the subtle hallmarks of an attack.

Blog Post: Rethinking Cloud Security

Proven to Protect

Malicious Insider in the Cloud

A disgruntled IT manager at a retail company downloaded contact details and credit card numbers from the customer database and transferred them to a home server via one of the company’s approved data transfer services. While this subtle activity evaded the cloud provider’s native controls, Darktrace’s AI correlated highly suspicious connections and downloads from the employee’s device, alerting the security team before the data could be exfiltrated.

Advanced Spear Phishing

A threat actor who had gotten hold of the contact list of a US municipality delivered a well-crafted spear phishing attack to its staff, delivered alphabetically from A to Z. The messages contained malicious payloads disguised as links to Netflix, Amazon, and other trusted services. Darktrace’s AI analyzed these links in connection with all Office 365 email traffic, recognizing the rare domain and patterns of communication, and locking each link as it entered the network.

Biometric Fingerprint Scanner Targeted

At a multinational manufacturing company, an attacker exploited known vulnerabilities to compromise a biometric scanner, which was used to restrict access to machinery and industrial plants. The attacker subtly changed the biometric data in a suspected attempt to gain access to the highly secure facilities. While the compromise bypassed standard signature-based solutions, Darktrace AI instantly detected the anomalous behavior.

Compromised Smart Fish Tank

At an entertainment corporation, Darktrace detected anomalous data transfers from a recently installed high-tech fish tank to a rare external destination. By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. However, the external data transfers were deemed highly unusual by Darktrace’s AI, which proceeded to help the security team shut off the threat.