The Enterprise Immune System

Book a Free Trial

The Enterprise Immune System is a self-learning cyber AI technology that detects novel attacks and insider threats at an early stage.

Modeled on the human immune system, the Enterprise Immune System learns and understands ‘self’ for everyone and everything in the business, and can spot the subtle signals of an advanced attack — without relying on rules, signatures, or prior assumptions.

The Enterprise Immune System detects subtle signs of emerging threats in real time.

Learning ‘On the Job’

The Enterprise Immune System uses unsupervised machine learning and AI to understand all about your organization. Observing your users and devices, cloud containers and workflows, it learns ‘on the job’ what is normal for your organization.

Unlike traditional approaches that rely on blacklists, rules and signatures, the immune system approach learns from your data – forming a bespoke and evolving understanding of your digital environments. This unique approach enables Darktrace to detect the most sophisticated and stealthy cyber-threats that other tools miss.

Whether a new strain of ransomware or an emerging insider attack, the Enterprise Immune System detects the threat at its earliest stages.

Earth seen from space with multiple connections across the world.

Protection Across Your Enterprise

Cyber-threats can emerge anywhere – in your cloud or on SaaS, via email or on IoT devices on your network.

The Enterprise Immune System shines a light into all these environments, including Salesforce, Office 365 & SharePoint, AWS and Microsoft Azure.

This means that organizations benefit from a unified view of their entire digital estate – not just part of it – and can tackle emerging threats quickly.

Blog Post: Two SaaS attacks investigated by AI

Diagram of Cloud Immune System

Key Benefits

Self-learning detection
Learns ‘on the job’ and adapts continuously
Automated analysis
AI Analyst generates threat reports in seconds
100% visibility
Protects cloud, SaaS, email, OT and on-prem
Fast install
No manual configuration
Darktrace represents a new frontier in AI-based cyber defense. Our team now has complete, real-time coverage across our SaaS applications, cloud containers, and city-wide distributed sensors.
Michael Sherwood, Director of Innovation & Technology, City of Las Vegas

Proven to Protect

Malicious Insider in the Cloud

A disgruntled IT manager at a retail company downloaded contact details and credit card numbers from the customer database and transferred them to a home server via one of the company’s approved data transfer services. While this subtle activity evaded the cloud provider’s native controls, Darktrace’s AI correlated highly suspicious connections and downloads from the employee’s device, alerting the security team before the data could be exfiltrated.

SaaS Account Brute Forcing

One Microsoft 365 account was used in a brute force attack against a bank in Panama, with logins originating from a country that deviated from the normal ‘patterns of life’ of the company’s operations. Darktrace then detected highly unusual changes to account privileges, prompting it to alert the security team to a case of SaaS account takeover.

Biometric Fingerprint Scanner Targeted

At a multinational manufacturing company, an attacker exploited known vulnerabilities to compromise a biometric scanner, which was used to restrict access to machinery and industrial plants. The attacker subtly changed the biometric data in a suspected attempt to gain access to the highly secure facilities. While the compromise bypassed standard signature-based solutions, Darktrace AI instantly detected the anomalous behavior.

Compromised Smart Fish Tank

At an entertainment corporation, Darktrace detected anomalous data transfers from a recently installed high-tech fish tank to a rare external destination. By targeting an unconventional device that had recently been introduced into the network, the attack managed to evade the casino’s traditional security tools. However, the external data transfers were deemed highly unusual by Darktrace’s AI, which proceeded to help the security team shut off the threat.