Press Release

April 14, 2023 11:42 AM

Updated statement regarding LockBit claims

Mike Beck, Chief Information Security Officer, Darktrace

We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.

Press Release

April 13, 2023 9:30 AM

Statement regarding LockBit claims

Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.

Press Release

Darktrace Delivers Oversight of Enterprise AI Adoption with Launch of Darktrace / SECURE AI

Cambridge, UK

February 3, 2026

Darktrace / SECURE AI™ helps organizations safely adopt AI by understanding behavior, intent, and risk across human and agent interactions
New solution applies Darktrace’s decades-long behavioral AI expertise to deliver real-time visibility and control across the AI lifecycle
Secures AI embedded in SaaS applications, AI agents developed in hyperscaler environments, and employee use of Shadow AI
Allows organizations to understand where AI systems operate, what information and systems they can access, and how they behave over time
New Darktrace research reveals over three-quarters of cybersecurity professionals are concerned about the security implications of the widespread adoption of AI agents and third-party generative AI tools
Over a five-month period, Darktrace observed an average of around 4,700 pages of documents in unusual or anomalous data uploads to generative AI services, with some accounts averaging anomalous uploads of over 200,000 pages¹

Darktrace, a global leader in AI for cybersecurity, today announced the launch of Darktrace / SECURE AI™, a new behavioral AI security product designed to help enterprises deploy and scale artificial intelligence by understanding how AI systems behave, interact with other systems and humans, and evolve over time. Building on Darktrace’s long heritage in behavioral AI to understand intent and detect deviations, Darktrace / SECURE AI enables organizations to intervene when AI systems act abnormally, drift from intended behavior, exceed authorized access, violate policy, or appear to be manipulated to perform unauthorized actions.

As organizations move rapidly from AI experimentation to production, traditional security controls are proving insufficient for managing dynamic, language-driven systems. With Darktrace / SECURE AI, Darktrace is bringing its proven behavioral AI approach to the challenge. Unlike static guardrails or policy-driven approaches, behavioral AI observes how generative AI and agentic workflows actually operate in the real world. Darktrace / SECURE AI continually analyzes AI interactions across the enterprise, including prompt language and data access patterns to detect emerging risks based on anomalous activity that traditional security tools and static guardrails often miss.

“AI systems don’t fail like traditional software – they drift, adapt and sometimes behave in unexpected ways,” said Mike Beck, Chief Information Security Officer at Darktrace. “Darktrace has taken a behavioral approach to understanding and securing the unstructured and unpredictable ecosystems of people, data and technology within enterprises for more than a decade. With Darktrace / SECURE AI, we’re applying our behavioral approach to give security teams visibility into what AI is doing, not just what it’s allowed to do, and enabling businesses to innovate with confidence.”

Darktrace / SECURE AI provides CISOs with a practical way to govern AI without stifling adoption. The product integrates with existing security operations and delivers actionable insights to both new standalone and existing Darktrace ActiveAI Security Platform™ customers. The new product is designed for enterprises operating AI across embedded SaaS applications, cloud-hosted models, and autonomous or semi-autonomous agents developed in low and high code development environments. It helps security teams prevent sensitive data exposure, enforce internal access and usage policies, and govern autonomous AI activity across enterprise AI assistants and agents as well as AI development and deployment.

“Security has always been about behavior,” said Jack Stockdale, Chief Technology Officer at Darktrace. “As AI becomes agentic, prompts become the behavioral layer, encoding intent, context, and downstream actions. If you can’t observe and understand prompt language at runtime, you can’t detect drift, misuse, or emergent behavior. Securing AI without prompt visibility is like securing email without reading the message body. Prompts are to AI what traffic is to networks and identity is to users.”

AI adoption has become a board-level priority as organizations adopt AI tools at scale to boost productivity, growth, and competitiveness across the enterprise. Across Darktrace’s customer base, more than 70% of organizations are already using generative AI tools¹. As adoption matures, many organizations are increasingly deploying AI agents that can log into systems, access data, and take action on behalf of employees. But approved tools are only part of the picture. Among those customers with a dominant generative AI tool in use, 91% also have employees using additional AI services¹, which likely represent shadow AI tools, leaving security teams without a clear view of which AI services are in use, where they are deployed, what data is leaving the business and where it is going.

This loss of visibility and data is already translating into real business risk. Over a five-month period, Darktrace observed unusual or anomalous data uploads to generative AI services averaging 75MB per account—equivalent to around 4,700 pages of documents—with some accounts averaging anomalous uploads of over 200,000 pages¹. Potentially sensitive data is leaving businesses at scale, entering AI environments where it can be retained, reused, or surfaced beyond organizational control. In the hands of threat actors, a single upload can be weaponized for targeted social engineering, impersonation, IP theft, or AI agent manipulation.

Introducing Darktrace / SECURE AI

Darktrace / SECURE AI helps security teams safely enable and manage AI usage across the enterprise. As part of the Darktrace ActiveAI Security Platform™, the solution enables visibility and analysis of the information and data inputted into and sourced from generative AI tools, autonomous agents, AI development environments and shadow AI, allowing organizations to understand where AI systems operate, what they can access, and how they behave over time.

With Darktrace / SECURE AI security teams can:

Monitor and control generative AI usage in real time across enterprise AI assistants, low-code, high-code, and SaaS environments, providing visibility into prompts, sessions, and model responses used in tools such as ChatGPT Enterprise and Microsoft Copilot, embedded AI features in business applications like Salesforce and M365, low-code agent builders like Microsoft Copilot studio and high-code AI development platforms like Amazon Bedrock. By understanding how prompts and conversations evolve over time, security teams can identify sensitive data exposure, unusual prompt behavior, and attempts to manipulate AI systems.
Track and control AI agents and their access permissions by automatically discovering active AI agents operating across cloud platforms, internal systems, and third-party environments, mapping the systems and data they can access, and monitoring how they interact with other services, including Model Context Protocol (MCP) servers. This helps security teams identify over-privileged agents, unexpected interactions, signs of misuse or drift from intended behavior and enables them to intervene when agents attempt unsafe or unauthorized actions.
Evaluate AI risks in development and deployment by gaining visibility into AI identities and their access across low-code tools, SaaS platforms, hyperscaler environments, and internal labs. Security teams can see how identities, permissions, and data are configured and how AI components connect to critical systems, helping to surface misconfigurations, excessive access and usual build activity. Those insights then feed directly into prompt oversight, linking how AI systems are created to how they behave once deployed. By correlating identity creation, building events, and emerging agent capabilities with the prompts that define an agent’s logic, organizations can detect risk both before release and as agents begin operating in production.
Discover and manage Shadow AI, by identifying unapproved AI tools, unauthorized agent development, and unexpected AI-related activity across the enterprise. This helps security teams see where unmanaged AI usage is emerging, how data flows to external AI services, and when legitimate tools are being used in risky or inconsistent ways. By correlating user activity with cloud, network, and endpoint behavior, security teams can contain unapproved tools, enforce policy, and guide users toward sanctioned AI services before unmanaged adoption creates risk.

According to Darktrace’s 2026 State of AI Cybersecurity Report also released today, more than three-quarters of cybersecurity professionals surveyed are concerned about the security implications of AI agents (76%) and third-party generative AI tools (76%), citing sensitive data exposure and regulatory risk as their top concerns. Nearly half (47%) of security executives say they are extremely or very concerned, underscoring how quickly AI risk is becoming a top security priority.

Additional Resources:

Register for Darktrace’s Innovation Launch on February 3 to learn more about our latest innovations in AI security.
Check out the 2026 State of AI Cybersecurity Report and press release detailing key findings here.
Learn how to prepare your organization for secure AI adoption by joining Darktrace’s Secure AI Readiness Program.

About Darktrace

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting organizations from unknown threats using its proprietary AI that learns from the unique patterns of life for each customer in real-time. The Darktrace ActiveAI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate – from network to cloud to email. It provides pre-emptive visibility into the customer’s security posture, transforms operations with a Cyber AI Analyst™, and detects and autonomously responds to threats in real-time. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 250 patent applications filed. Darktrace’s platform and services are supported by over 2,300 employees around the world who protect nearly 10,000 customers across all major industries globally.

¹ According to internal Darktrace research

News coverage

Darktrace Delivers Oversight of Enterprise AI Adoption with Launch of Darktrace / SECURE AI

February 3, 2026

Read the story

cv
Darktrace named a Challenger in first Gartner® Magic Quadrant™ for Email Security Platforms · Evaluated on Completeness of Vision and Ability to Execute Darktrace, a global leader in AI for cybersecurity,today announces that Darktrace / EMAIL™, has been recognized in thefirst ever Gartner Magic Quadrant™ for Email Security Platforms (ESP) as a Challenger. Chris Kozup, Chief Marketing Officer, Darktrace, said of therecognition: “We are extremely proud to have been recognized in the first MagicQuadrant for ESP. We believe the factthat wehave seen such wide scale adoption is testament to the unique way in which wedevelop products to keep our customers safe from even the most sophisticated emailcompromises. We believe our placement reaffirms our dedication to deliveringexceptional customer service, and innovations that safeguard against the emailchallenges of today—and tomorrow.” Darktrace customers consistently acknowledge its exceptional customersupport, delivered by an award-winning[1]service team. Darktrace has the highest percentage of 5-star ratings with a 4.8rating on Gartner® Peer Insights™ out of 249 reviews as on[MW1] 19^th December. We feel this unwavering commitment to customersatisfaction is evident in strong renewal rates and accelerated growth inDarktrace / EMAIL over the past few years, gaining almost 5,000 customers sinceits launch in 2019. Darktrace / EMAIL, one of the fastest-growing emailsecurity products on the market, is built on Darktrace’s unique Self-LearningAI, a multi-layered AI engine that leverages different types of AI includingNLP and behavioral analysis to detect threats, instead of traditional securitymeasures such as signatures and sandboxing. This approach enables Darktrace todetect and stop threats like business email compromise attacks and noveltechniques, including some 56% of which passed through customers’ other emailsecurity layers. This pioneering approach has enabled Darktrace to introduce industry-leadingcapabilities such as QR code analysis and automated incident investigations, alongsidedifferentiated functionality to help teams add new depth to their emailsecurity, including: Account take over and Lateral mail account compromise protection. Contributing yet another layer to the AI behavioural profile for each user, security teams can now spot early symptoms of account compromise or malicious insiders before a link or attachment payload is sent, and exfiltration occur Microsoft Teams security with advanced messaging analysis: Advancing beyond simple text analysis to behavioral and natural language content analysis that tracks context across both email and instant messaging to identify the approximately 38% of phishing, sophisticated social engineering and novel insider threats other solutions fail to capture · Drastically improveend user reporting with Cyber AI Analyst narratives: Real-time awareness training capabilities reduce falsepositives in phishing investigations by up to 60% by providing context specificanalysis of each received email to each employee as they interact with their mail.· MailboxSecurity Assistant to increase security team operational efficiency: All forms ofsecondary investigations can now automatically perform advanced behavioralbrowser analysis and stop malicious links within webpages, reducing manualeffort of security analysts to detecting phishing links, and allowing them to remediateup to 70% more malicious phishing links than before.· AI based,autonomous data loss prevention: to immediately protect organizations from misdirected emails,insider threats, and data loss—both classified and unclassified – using userbehavior and dynamic content analysis to determine sensitivity, removing administrativeoverhead from manual expressions and labeling.Marco Cavallo, IT Manager at Darktrace / EMAIL customer Arpa Industries comments:“During the POV, Darktrace / EMAIL showed how specific attacks weresurgically blocked. We realized that other tools wouldn’t have detected thesethreats.” Darktrace / EMAIL is part of Darktrace’s ActiveAI Security Platform™,offering network, cloud, endpoint, identity and operational technologyprotection from a single shared architecture, all built on Darktrace’s uniqueAI engine – providing a strong, integrated approach to threat prevention,detection and response across an organization’s entire digital footprint. Darktrace’s global presence supports a diverse and varied customer base,and adapts proactively to customer pain points of all kinds. Darktrace’sadaptability across all market segments, from SMBs to large enterprisessupports both first time email security buyers and mature email securitystacks. It is able to meet varied security needs with lower setuprequirements, includes capability for advanced depth in configuration and,particularly for mature organizations, can augment existing security providerswith additional protections. Download the fullMagic Quadrant for Email Security Platforms here Resources:· Read more onthe Darktrace Blog· Read more abouthow business email compromise attacks are evolving on The Inference Gartner disclaimersGartner, Magic Quadrant for EmailSecurity Platforms, Max Taggett, Nikul Patel, Franz Hinner, Deepak Mishra, 16December 2024 GARTNER is a registered trademarkand service mark of Gartner and Magic Quadrant and Peer Insights are aregistered trademark, of Gartner, Inc. and/or its affiliates in the U.S. andinternationally and are used herein with permission. All rights reserved.
Gartner Peer Insights content consists of the opinions of individual endusers based on their own experiences with the vendors listed on the platform,should not be construed as statements of fact, nor do they represent the viewsof Gartner or its affiliates. Gartner does not endorse any vendor, product orservice depicted in this content nor makes any warranties, expressed orimplied, with respect to this content, about its accuracy or completeness,including any warranties of merchantability or fitness for a particularpurpose. Gartner does not endorse any vendor,product or service depicted in its research publications and does not advisetechnology users to select only those vendors with the highest ratings or otherdesignation. Gartner research publications consist of the opinions of Gartner’sresearch organization and should not be construed as statements of fact.Gartner disclaims all warranties, expressed or implied, with respect to thisresearch, including any warranties of merchantability or fitness for aparticular purpose. About DarktraceDarktrace is a global leader in AI for cybersecurity that keepsorganizations ahead of the changing threat landscape every day. Founded in2013, Darktrace provides the essential cybersecurity platform protectingorganizations from unknown threats using its proprietary AI that learns fromthe unique patterns of life for each customer in real-time. The DarktraceActiveAI Security Platform™ delivers a proactive approach to cyber resiliencewith pre-emptive visibility into security posture, real-time threat detection,and autonomous response – securing the business across cloud, email,identities, operational technology, endpoints, and network. Breakthroughinnovations from our R&D teams in Cambridge, UK, and The Hague, Netherlandshave resulted in over 200 patent applications filed. Darktrace’s platform andservices are supported by over 2,400 employees around the world who protectnearly 10,000 customers across all major industries globally. To learn more,visit http://www.darktrace.com. ----
[1] Darktrace wins two Globeeawards for excellent customer service [PressRelease] [MW1]shouldthis be 'of'