Darktrace for AWS
With the power of Self-Learning AI, Darktrace brings real-time visibility and adaptive, autonomous defense to your AWS cloud security strategy.
The Darktrace Immune System provides a unified platform for AI-driven threat detection, investigation, and response in your AWS cloud and across the business, ensuring your dynamic workforce is always protected.
Self-Learning AI continuously learns what normal behavior looks like for every user, device, and workload in your AWS environment. With this deep understanding of usual ‘patterns of life,’ the Darktrace Immune System can recognize the subtle deviations that point to a threat – from account takeovers, to critical misconfigurations.
Self-Learning AI Defense for the Dynamic Workforce and Business
With its bespoke, continuously evolving knowledge of how your business operates in the cloud, Darktrace’s Self-Learning AI can put behavior in context and spot the deviations from normal activity that point to a threat — no matter how sophisticated or novel.
Once a threat is identified, Darktrace for Network can interrupt attacks on your behalf with AI-driven Autonomous Response. The Darktrace Immune System’s Cyber AI Analyst further automatically investigates every threat surfaced, reporting on the full scope of cloud-based security incidents and reducing triage time by up to 92%.
Detects anomalous device connections and user access, as well as unusual resource deletion, modification, and movement
Catches unusual permission changes, and anomalous activity around compliance-related data or devices
Spots brute force attempts, unusual login source or time, and unusual user behavior including rule changes or password resets
Identifies the subtle signs of malicious insiders – including sensitive file access, resource modification, role changes, or adding/deleting users
An AI-Native Solution for AWS Cloud Security
With VPC Traffic Mirroring from AWS, Darktrace’s Self-Learning AI can access granular packet data, allowing the Darktrace Immune System to build rich behavioral models based on traffic in our customers’ AWS cloud environments.
Taking a fundamentally unique approach, the Darktrace Immune System can correlate this cloud traffic with activity from email, SaaS, remote endpoints, and any range of on- or off-premise infrastructure across a customer’s enterprise.
This critical capability means Self-Learning AI can autonomously connect the dots between unusual behavior in disparate infrastructure areas and ensure cloud security is not siloed from the monitoring of the rest of the organization.
The Darktrace Security Module for AWS provides additional visibility, with AI-powered monitoring of management and administration activity via interaction with AWS CloudTrail. With this deep knowledge of how your business operates in the cloud, Darktrace delivers total coverage across all your AWS services.
Proven to Protect
This blog explains how AWS’s extension of VPC Traffic Mirroring to non-Nitro instances supports Darktrace’s real-time visibility and adaptive, autonomous defense for AWS cloud environments.