Learn why EDR alone is not enough and how NDR uncovers and stops threats that disable or bypass endpoint security.

Docker is a prime target for malware, with new strains emerging daily. This blog explores a novel campaign showcasing advanced obfuscation and cryptojacking techniques.

Learn how NDR and SASE solutions complement and interact with each other to create a robust network security strategy.

Discover how anomaly detection deployed across core network segments delivers a more effective approach to ICS security.

Learn how Darktrace’s DEMIST-2 embedding model delivers high-accuracy threat classification and detection across any environment, outperforming larger models with efficiency and precision.

Discover how Darktrace’s new DIGEST model enhances Cyber AI Analyst by using GNNs and RNNs to score and prioritize threats with expert-level precision before damage is done.

See how Darktrace Cyber AI Analyst™, an agentic AI virtual analyst, cuts through alert noise, accelerates threat response, and strengthens your security team — all without adding headcount.

In a world of growing data volume and diversity, protecting and keeping track of your organization’s sensitive information is increasingly complex – particularly when 63% of breaches stem from malicious insiders or human error. This blog explores how security teams can achieve visibility beyond the limits of data classification, without adding to the burden of data management.

Darktrace detected an email bomb attack flooding inboxes with high volumes of messages, uncovering unusual email patterns and subsequent network anomalies.

Not only has Darktrace Federal achieved its FedRAMP High Authority to Operate, one of the few cybersecurity vendors to do this, but we have also released Darktrace Commercial Government Cloud High/Email, a FedRAMP High-compliant email security solution for customers using Microsoft Government Community Cloud High.

While many internal teams contribute to general cloud hygiene, the security team has increasingly taken the lead on cloud security. Learn how AI-powered cloud detection and response tools can help these teams with new responsibilities.

Darktrace / OT is recognized as a Market Leader in the Omdia Market Radar. Read this blog to find out more about Darktrace's leadership in the market and a variety of other unique differentiators and innovations in the OT security industry.

This blog highlights how vulnerability data, collected using Cado's new vulnerability discovery feature, can be fused with threat data to help deepen the understanding of an attack, as well as guide remediation efforts.

Cado Security Labs (now part of Darktrace) identified Triton RAT, a Python-based open-source tool controlled via Telegram.

Darktrace is proud to announce we’ve been the only Visionary in the inaugural Gartner® Magic Quadrant™ for Cyber-Physical Systems (CPS) Protection Platforms. Read the blog to find out why!

In late 2024, Darktrace detected unusual activity linked to Cyberhaven's Chrome browser extension. Read more about Darktrace’s investigation here.

To strengthen its distributed and complex operations, this global technology leader implemented Darktrace / EMAIL to monitor, detect, and mitigate potential email threats. Read the blog to discover their results.

Cado Security Labs discovered a new cryptomining campaign exploiting exposed Jupyter Notebooks on Windows and Linux. The attack deploys UPX-packed binaries that decrypt and execute a cryptominer, targeting various cryptocurrencies.

In 2024, Darktrace identified a cluster of intrusions involving the state-linked malware, ShadowPad. This blog will detail ShadowPad and the associated activities detected by Darktrace.

This blog explores an exploitation capability observed by Darktrace in another email security vendor’s link rewriting and the steps Darktrace took to inform and resolve the issue.