Manufacturing organizations are rapidly adopting AI agents and autonomous systems to improve efficiency, productivity, and operational resilience, but these technologies are also introducing new cyber and operational risks. This blog explores how AI-driven threats, limited visibility into agent activity, and evolving attack techniques are reshaping manufacturing security, and why visibility, behavioral context, and embedded guardrails are becoming essential foundations for securing both IT and OT environments.

Buying AI cybersecurity tools requires more than evaluating features and marketing claims. This blog explores the challenges security teams face when assessing AI vendors, outlines five critical categories for AI evaluation, and explains how governance, transparency, model selection, and validation impact trust, adoption, and long-term security outcomes.

Follow a malicious email as it moves through Darktrace / EMAIL’s multi-layered AI system, from raw data to final decision. Each layer works together to detect threats, understand intent, and take autonomous action.

CIP-015 is pushing utilities beyond perimeter security toward continuous internal network visibility. This blog explores what the standard requires, why anomaly detection and evidence retention matter, and how utilities can build a defensible INSM capability before the October 2028 compliance deadline.

Darktrace has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Network Detection and Response (NDR) for the second consecutive year. We believe this reflects continued execution in NDR, ongoing AI innovation, and strong outcomes delivered for customers globally.

AI agents are transforming enterprise productivity, but they are also expanding the attack surface in new ways. This blog explores the benefits and challenges surrounding prompt security, where AI risk emerges across connected systems and autonomous actions, and how organizations can build a broader strategy to secure AI across the enterprise.

Modern data centers now operate as highly interconnected IT, OT, and IoT environments, creating new cybersecurity risks that traditional siloed security tools struggle to detect. This blog explores how IT/OT convergence expands the attack surface, why visibility gaps emerge, and how behavioral AI-driven security helps organizations detect and contain threats before operational disruption occurs.

AI is now embedded throughout the cybersecurity stack, but findings from the State of AI Cybersecurity 2026 show that adoption is growing much faster than trust or understanding. As vendors strive to capture market share, security leaders must learn how to distinguish the most valuable solutions from the hype.

Attackers abused a trojanized 7‑Zip installer distributed via a typo‑squatted domain to establish proxyware infections worldwide. This blog analyzes how social engineering, trusted open‑source software, and stealthy command‑and‑control activity enabled widespread compromise, highlighting the importance of software validation, user awareness, and proactive network‑level detection.

The blog examines how AI has changed the paradigm of understanding, and dealing with, insider threats. It also explores a defense-in-depth approach and discusses what CISOs and SOC leaders can do to protect their organization from AI insider threats.

ダークトレースの研究者はTwill Typhoonに関連するAPJ地域の顧客を標的とした中国系攻撃キャンペーンを特定しました。 観測されたアクティビティには、CDNなりすまし、正規のバイナリ、DLL サイドローディングによる .NET RATの展開が含まれていました。

Providing university students and faculty with broad access to information, platforms, and public databases is fundamental to learning and research. But that openness also creates greater exposure to cyber threats. In this blog, Irving Bruckstein shares why he deployed Darktrace at three institutions, how behavioral AI helped him achieve an A-rating security posture, and why autonomous detection is essential in an AI-driven threat landscape.

AI-driven systems like Mythos are accelerating how quickly vulnerabilities are discovered, shrinking the gap between exposure and exploitation. This blog explores how security strategies need to adapt, shifting focus toward early detection, rapid containment, and limiting the impact of threats. It also outlines how a behavioral, AI-driven approach can help security teams identify subtle signs of compromise, respond in real time, and maintain control in an environment where attackers are moving faster than ever.

Software supply-chain attacks dominate the threat landscape in 2026, as adversaries exploit trusted build systems, CI/CD pipelines, and management tools to gain access to target environments. This blog examines Axios, Trivy and Quest Kace compromises observed in the Darktrace customer base, highlighting the need for anomaly detection, assumed breach and continuous visibility.

Prompt injection is a newly emerging threat, with only a handful of confirmed victims so far – targeting how AI systems use data rather than exploiting traditional software vulnerabilities. As agentic AI becomes embedded across enterprise environments, attackers may attempt to manipulate these systems through hidden instructions in everyday email content.

AI systems like Mythos are accelerating vulnerability discovery to the point where attackers can exploit weaknesses before they are ever disclosed, undermining the traditional model of CVE-driven defense. Learn how this shift is forcing security teams to move beyond patching and adopt behavioral detection to identify and contain threats before disclosure.

Findings from our annual survey of 1,500+ cyber professionals reveal that security leaders are confronting a surge in AI-driven attacks, which are faster, more personalized, and harder to detect than anything they’ve seen before. As these threats scale, the challenge for defenders is in evolving their security programs in tandem to defend with confidence.

A malicious eScan software update triggered a supply chain compromise that deployed multi‑stage malware and used blockchain‑based domains for resilient C2 communications. Darktrace identified rare, anomalous network activity across customer environments, helping organizations uncover the attack chain and strengthen defenses against increasingly sophisticated supply chain threats.

ダークトレースの最新の脅威調査は、中国系サイバー作戦が単発的な侵入から長期にわたる戦略的配置に進化している状況を明らかにしています。攻撃者は重要インフラやデジタルエコシステムへの永続的アクセスに重点を置くことで作戦上の利点や経済的優位性を持続させようとしています。

AIはパッチ適用が追い付かない速さでサイバー攻撃を加速させており、脆弱性の発見と修復の間のギャップは拡大しています。 このブログでは、なぜ予防第一のセキュリティではもはやAI駆動の脅威に追いつけないのかを解説します。 また、ダークトレースのビヘイビアAIによって、脆弱性が不明または未修正の場合でも、組織は攻撃を即座に検知し封じ込められることを説明します。