Darktrace / EMAIL Analysts' Workflow Guide
How your email security analysts should work with Darktrace / EMAIL, the guide they'll actually use
Step-by-step workflow guide for security analysts using Darktrace / EMAIL. Covers triage prioritisation, investigation methodology, response actions, and how to get the most from automated AI Analyst reporting.
10,000+
Customers
Step-by-step workflow guide for security analysts using Darktrace / EMAIL. Covers triage prioritisation, investigation methodology, response actions, and how to get the most from automated AI Analyst reporting.
This playbook provides a practical example workflow for Darktrace / EMAIL, designed to complement the training resources available in the Customer Portal. Unlike / NETWORK, Darktrace / EMAIL operates autonomously by default, but this guide outlines optional workflows for teams that want to interact with the tool more routinely or support specific use cases. The content is split into two parts — exploration and optimization — moving from high‑level overviews to more detailed triage and configuration steps. All workflows are flexible and can be followed by a single user or distributed across team roles.
See how others stay one step ahead with Darktrace
Your data. Our AI.