This blog highlights how Darktrace / CLOUD leverages self-learning AI to tackle critical cloud security challenges—such as misconfigurations, hybrid environment complexity, securing productivity suites, and agent fatigue—by providing unified visibility, intelligent monitoring, and real-time threat response to empower organizations with proactive protection.

A recent phishing attack compromised an internal email account, but Darktrace’s advanced AI quickly intervened. By identifying unusual activity across email and SaaS environments, Darktrace uncovered the attacker’s use of VPNs to mask their location and shut down the threat.

This blog explores the impact of AI on the threat landscape, the benefits of AI in cybersecurity, and the role it plays in enhancing security practices and tools.

Darktrace just picked up the title of "Overall Leader" in KuppingerCole's 2024 Leadership Compass for Network Detection and Response (NDR). Why? Our Self-Learning AI and smart automation make tackling threats faster and easier, helping security teams stay ahead of the game.

Delve into the complexities of the Royal and Blacksuit ransomware strains and their implications for cybersecurity in today’s digital landscape.

Spanish-language naming conventions complicate identity mapping for spoofing & especially whale-spoofing detection. Darktrace / EMAIL incorporates parsing logic that allows for faithful spoofing detection in conjunction with anomaly detection.

Discover the role of AI in shaping cybersecurity predictions for 2025 and how organizations can prepare for emerging threats.

Learn about NERC CIP-015 and its internal network security monitoring requirements. Discover how to ensure compliance and enhance your security posture.

This blog explores recent findings from Darktrace's Threat Research team on active exploitation campaigns targeting Fortinet appliances. This analysis focuses on the September 2024 exploitation of FortiManager via CVE-2024-47575, alongside related malicious activity observed in June 2024.

In a recent incident, Darktrace uncovered a M365 account takeover attempt targeting a company in the manufacturing industry. The attacker executed a sophisticated phishing attack, gaining access through the organization’s SaaS platform. This allowed the threat actor to create a new inbox rule, potentially setting the stage for future compromises.

Explore the intricacies of the Triada Trojan and its targeting of communication and banking apps. Learn how to safeguard against this threat.

When a remote user fell victim to a vishing attack, allowing a malicious actor to gain access to a customer network, Darktrace swiftly detected the intrusion and responded effectively. This prompt action prevented any data loss and reinforced trust in Darktrace’s robust security measures.

This blog announces the general availability of Microsoft Azure support for Darktrace / CLOUD, enabling real-time cloud detection and response across dynamic multi-cloud environments. Read more to discover how Darktrace is pioneering AI-led real-time cloud detection and response.

Discover how Darktrace identified a sophisticated business email compromise (BEC) attack to successfully acquire a prospective customer in a trial alongside two other email security vendors. This case demonstrates the clear differentiator of true unsupervised machine learning applied to the right use cases, compared to miscellaneous vendor hype around AI.

Generative AI tools have increased the risk of BEC, and traditional cybersecurity defenses struggle to stay ahead of the growing speed, scale, and sophistication of attacks. Only multilayered, defense-in-depth strategies can counter the AI-powered BEC threat.

Read about thread hijacking and how attackers exploit trusted conversations, compromising network security and user data. Stay informed.

The global cybersecurity skills gap is widening, leaving many organizations vulnerable to increasing cyber threats. This blog explores how CISOs can implement AI strategies to make the most of their existing workforce through automation, consolidation and education.

Read about the methods used to exploit FortiClient EMS and the critical post-exploitation tactics that affect cybersecurity defenses.

This blog gives an overview of the proposed FAA regulations for safeguarding aviation systems and their cyber-physical networks. Read more to discover key points, challenges, and potential solutions for each use case.

In May 2024, a Darktrace customer was affected by KOK08, a ransomware strain commonly used by the Matrix ransomware family. Learn more about the tactics used by this ransomware case, including double extortion, and how Darktrace is able to detect and respond to such threats.