A self-learning approach

Darktrace’s Enterprise Immune System takes an adaptive, unified, and behavioral approach in order to discover threats that evade traditional defenses. Rather than focusing on the threat, Darktrace focuses on the organization, harnessing AI that learns a sense of ‘self’ for every person, device, and peer group.

By understanding normal patterns as they evolve, the Enterprise Immune System quickly discerns subtle deviations indicative of every threat type – whether known or unknown, internal or external, subtle or fast moving.

Traditional Approach

An Immune System Approach


Many traditional defenses leverage binary rules, policies and playbooks that fail to adapt to novel threats and the fluid working practices of dynamic businesses, often generating a sea of alerts that makes life even harder for strained security teams.


Advanced attacks and distributed workers are dynamic and unpredictable. Complex digital environments require self-learning AI that learns ‘normal’ from scratch – without any prior assumptions – and adapts continuously as the business and workforce evolve.


The siloed nature of traditional tools creates a complex security stack of disjointed and incompatible tools, each of which is blind to the full scope of a security incident.


Cyber-threats often hide across systems to evade detection. By extending the power of self-learning AI across the full digital DNA of an organization and its workforce, even the most subtle and persistent attacks have nowhere to hide.


Relies on historical attack data to detect similar attacks in future. Yet the most serious attacks leverage new and creative techniques that evade these defenses by design.


Understands the dynamic humans and machines in a digital environment. This real-time learning attunes the system to real-world changes and deviations that manual or retrospective approaches inevitably miss.