As AI reshapes the cybersecurity landscape, Darktrace’s Cyber AI Analyst automates early-stage investigations, mimicking human reasoning to detect and respond to threats at machine speed. This blog explores four real-world cases where it identified sophisticated threat actors, including nation-state adversaries.

This blog examines a real-world Auto-Color malware attack that originated from the exploitation of CVE-2025-31324. Learn how Darktrace identified and contained the threat using AI-driven detection and response, with additional support from its expert analyst team.

Learn about a recent Scattered Spider attack observed by Darktrace, comparing tactics with those seen in previous attacks. Widespread use of LOTL techniques alongside continued changes in TTPs such as their recent use of Ransomware-as-a-Service (RaaS) platforms can make it challenging for security teams to harden defenses.

Learn how Darktrace helps bridge the DFIR skills gap with user-friendly, cloud-native forensic tools that streamline investigations across complex, multi-cloud environments.

A telecom company relies on Darktrace to uncover email threats other tools miss, save the team time on investigations, and enable 24/7 protection.

サイバーセキュリティのためのAI成熟度モデルは、実際のユースケースとエキスパートの知見に基づいた、この種の指針の中でも最も詳細なガイドです。CISOが戦略的な意思決定を行うための力となり、どのAIを導入すべきかだけではなく、組織を段階的に強化し優れた成果を得るためにどのように進めるべきかを知ることができます。

This blog covers the five core capabilities that security teams should consider when evaluating a cloud forensics and incident response solution.

Darktrace’s latest research reveals that an evolving social engineering campaign continues to target cryptocurrency users through fake startup companies. These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion and GitHub.

This blog examines three real-world cloud-based attacks in Azure and AWS environments, including credential compromise, data exfiltration, and ransomware detonation. Learn how Darktrace’s AI-driven threat detection and Autonomous Response capabilities help organizations defend against evolving threats in complex cloud environments.

SaaS security requires new methods to keep up with evolving threats and business infrastructure. In this blog, learn the top eight threats to identity security and how AI-based solutions can help.

DarktraceはAI駆動の異常検知を利用してCVEが公開される前にサイバー脅威を識別することができます。動作のパターンを分析することにより、Darktraceは組織がゼロデイエクスプロイトを初期段階で検知し封じ込めるのに役立ちます。このプロアクティブなアプローチにより、国家レベルの脅威アクター、ランサムウェアギャング、そして脅威ランドスケープ全体にわたり進化し続ける脅威に対してサイバーセキュリティ体制を強化することができます。

Since 2018, Blind Eagle has targeted Latin American organizations using phishing and RATs. Darktrace detected Blind Eagle activity on a customer network involving C2 connectivity, malicious payload downloads and data exfiltration. Without Autonomous Response, the attack escalated, highlighting the need for proactive detection and response defense to counter fast-evolving threats.

Darktrace and Microsoft have joined forces to enhance email security through a new integration, unifying threat response and quarantine capabilities. This collaboration strengthens defenses and streamlines visibility for security teams, reflecting a shared vision for proactive cyber protection.

An industry leading petrochemical manufacturer uses the Darktrace ActiveAI Security Platform to improve visibility, protect against supply chain attacks, and save the security team hundreds of hours of incident investigation.

A critical SAP vulnerability, CVE-2025-31324, allows unauthenticated remote code execution via NetWeaver Visual Composer. Despite early mitigation guidance, many systems remain exposed. Darktrace detected exploitation attempts six days before public disclosure, highlighting the importance of proactive, threat-agnostic detection.

Darktrace detected a rogue Raspberry PI device that had been left by a Manufacturing customer’s vendor in the customer’s ICS network. The convergence between supply chain risk and insider risk highlights how important it is to implement continuous monitoring of the internal ICS network for proactive risk management.

The UK Government’s upcoming Cyber Security and Resilience Bill (CSRB) will modernise the UK’s 2018 NIS regime, extend regulatory duties to managed service providers and data‑centre operators, and tighten supply‑chain oversight. This blog explains the policy intent and outlines practical implications for service providers and enterprise security leaders.

ClickFix is a social engineering technique that exploits human error through fake prompts, leading users to unknowingly run malicious commands. Learn how Darktrace detects and responds to such threats!

Darktrace adds exploit prediction assessment to attack surface management with 6.3 update. Learn more about the latest innovations here.

Darktrace announces its Leader position in the inaugural Gartner® Magic Quadrant™ for Network Detection and Response (NDR).