The Enterprise Immune System

Book a Free Trial

The Enterprise Immune System is a self-learning cyber AI technology that detects novel attacks and insider threats at an early stage.

Modeled on the human immune system, the Enterprise Immune System learns and understands ‘self’ for everyone and everything in the business, and can spot the subtle signals of an advanced attack — without relying on rules, signatures, or prior assumptions.

The Enterprise Immune System detects subtle signs of emerging threats in real time.

Learning ‘On the Job’

The Enterprise Immune System uses unsupervised machine learning and AI to understand all about your organization. Observing your users and devices, cloud containers and workflows, it learns ‘on the job’ what is normal for your organization.

Unlike traditional approaches that rely on blacklists, rules and signatures, the immune system approach learns from your data – forming a bespoke and evolving understanding of your digital environments. This unique approach enables Darktrace to detect the most sophisticated and stealthy cyber-threats that other tools miss.

Whether a new strain of ransomware or an emerging insider attack, the Enterprise Immune System detects the threat at its earliest stages.

Earth seen from space with multiple connections across the world.

Protection Across Your Enterprise

Cyber-threats can emerge anywhere – in your cloud or on SaaS, via email or on IoT devices on your network.

The Enterprise Immune System shines a light into all these environments, including Salesforce, Office 365 & SharePoint, AWS and Microsoft Azure.

This means that organizations benefit from a unified view of their entire digital estate – not just part of it – and can tackle emerging threats quickly.

Blog Post: Rethinking Cloud Security

Diagram of Cloud Immune System

Key Benefits

Learns continuously ‘on the job’ and adapts in light of new evidence
Detects and responds to novel attacks and insiders before they do damage
Complete visibility across hybrid, multi-cloud, and IoT infrastructure
Installs in under an hour, requiring no manual tuning or configuration
Darktrace represents a new frontier in AI-based cyber defense. Our team now has complete, real-time coverage across our SaaS applications, cloud containers, and city-wide distributed sensors.
Michael Sherwood, Director of Innovation & Technology, City of Las Vegas

Proven to Protect

Malicious Insider in the Cloud

A disgruntled IT manager at a retail company downloaded contact details and credit card numbers from the customer database and transferred them to a home server via one of the company’s approved data transfer services. While this subtle activity evaded the cloud provider’s native controls, Darktrace’s AI correlated highly suspicious connections and downloads from the employee’s device, alerting the security team before the data could be exfiltrated.

Advanced Spear Phishing

A threat actor who had gotten hold of the contact list of a US municipality delivered a well-crafted spear phishing attack to its staff, delivered alphabetically from A to Z. The messages contained malicious payloads disguised as links to Netflix, Amazon, and other trusted services. Darktrace’s AI analyzed these links in connection with all Office 365 email traffic, recognizing the rare domain and patterns of communication, and locking each link as it entered the network.

Biometric Fingerprint Scanner Targeted

At a multinational manufacturing company, an attacker exploited known vulnerabilities to compromise a biometric scanner, which was used to restrict access to machinery and industrial plants. The attacker subtly changed the biometric data in a suspected attempt to gain access to the highly secure facilities. While the compromise bypassed standard signature-based solutions, Darktrace AI instantly detected the anomalous behavior.

Compromised Smart Fish Tank

At an entertainment corporation, Darktrace detected anomalous data transfers from a recently installed high-tech fish tank to a rare external destination. By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. However, the external data transfers were deemed highly unusual by Darktrace’s AI, which proceeded to help the security team shut off the threat.