Darktrace for Google Cloud Security

With advanced Cyber AI, Darktrace brings unprecedented real-time visibility and autonomous defense to your Google Cloud security strategy.

The Darktrace Immune System provides a self-learning platform for AI-driven threat detection, investigation, and response in Google Cloud and across the enterprise, ensuring your dynamic workforce is always protected.

By learning what normal activity looks like for every user, device, and resource in your Google Cloud environment, Darktrace technology can identify even the most subtle signs of an emerging threat – from compromised credentials, to malicious insiders, to critical misconfigurations or compliance issues.

Bespoke, real-time coverage
Continuous cloud security monitoring with AI that learns ‘on the job’
Advanced cloud defense
Identifies and autonomously responds to the stealthiest threats
Comprehensive visibility
Unified view of behavior in your Google Cloud environment, and beyond
Cyber AI Analyst investigation
Automatic triaging and executive-friendly reporting

Cyber AI Defense for the Dynamic Workforce and Business

With its bespoke, continuously evolving knowledge of how your business operates in the cloud, Darktrace’s Cyber AI can put behavior in context and spot the deviations from normal activity that point to a threat — no matter how sophisticated or novel.

Once a threat is identified, Darktrace Antigena can interrupt attacks on your behalf with AI-driven Autonomous Response. The Darktrace Immune System’s Cyber AI Analyst further automatically investigates every threat surfaced, reporting on the full scope of cloud-based security incidents and reducing triage time by up to 92%.

Data exfiltration and destruction

Detects anomalous device connections and user access, as well as unusual resource deletion, modification, and movement

Critical misconfigurations

Catches unusual permission changes, and anomalous activity around compliance-related data or devices

Compromised credentials

Spots brute force attempts, unusual login source or time, and unusual user behavior including rule changes or password resets

Insider threat and admin abuse

Identifies the subtle signs of malicious insiders – including sensitive file access, resource modification, role changes, or adding/deleting users

A Self-Learning Solution with Google Packet Mirroring

Darktrace leverages Google’s Packet Mirroring service to monitor all traffic in a customer’s Google Cloud environment. This allows the Darktrace Immune System’s self-learning AI to analyze the entire packet, including headers and payload, and build rich behavioral models for activity in Google Cloud.

Taking a fundamentally unique approach, the Darktrace Immune System can correlate this private and public cloud traffic with traffic from email, SaaS, remote endpoints, and any range of on- or off-premise infrastructure across a customer’s enterprise. This critical function ensures that cloud security is not siloed from the monitoring of the rest of the business.

The Darktrace Security Module for Google Cloud and Darktrace’s Google Workspace Module provide additional visibility, allowing the Darktrace Immune System to deliver optimum coverage across all your Google Cloud services.

“With Cyber AI, Darktrace can detect sophisticated cloud-based attacks, including insider threats and novel strains of malware that other tools miss. Darktrace provides unprecedented visibility, making it uniquely capable of defending our critical infrastructure.”
City of Las Vegas

Google Workspace Cloud Email Security

Antigena Email is an AI-powered email security solution that protects the inbox from the full range of attacks. While Google’s native and add-on email controls look for known email attack vectors, Antigena Email is able to identify novel email threats that get through, including impersonation attacks, payload delivery and data loss.

With unified understanding across email, SaaS and the cloud, the Darktrace Immune System can correlate activity across multiple environments, enabling greater detection, investigation and response capabilities.

Discover Antigena Email for Google Workspace

Featured Blog

AI cloud security with the Darktrace Immune System and Google Packet Mirroring

This blog explains how the visibility provided by Google’s Packet Mirroring enables the Darktrace Immune System to deliver seamless Cyber AI defense in the cloud and form an understanding of what normal activity looks like for every user, container, application, and workload in a customer’s Google Cloud environment.

Read more