The Enterprise Immune System
The Enterprise Immune System is the world’s most advanced machine learning technology for cyber defense. Inspired by the self-learning intelligence of the human immune system, this new class of technology has enabled a fundamental shift in the way organizations defend themselves, amid a new era of sophisticated and pervasive cyber-threats.
The human immune system is incredibly complex and continually adapts to new forms of threats, such as viral DNA that constantly mutates. It works by learning about what is normal for the body, identifying and neutralizing outliers that do not fit that evolving pattern of normality.
Darktrace applies the same logic to enterprise and industrial environments. Powered by machine learning and AI algorithms, Enterprise Immune System technology iteratively learns a unique ‘pattern of life’ (‘self’) for every device and user on a network, and correlates these insights in order to spot emerging threats that would otherwise go unnoticed.
Like the human immune system, the Enterprise Immune System does not require previous experience of a threat or pattern of activity in order to understand that it is potentially threatening. It works automatically, without prior knowledge or signatures, detecting and fighting back against subtle, stealthy attacks inside the network — in real time.
Machine learning can be thought of as the third and most recent machine revolution. The first was the replacement of muscle by machine in the industrial revolution. The second involved computers taking over repetitive tasks that had originally been done by people. Machine learning represents computers being able to undertake complex, thoughtful tasks.
The fundamental technology underlying Darktrace is powered by advanced, unsupervised machine learning, which capable of learning what is normal and what is abnormal inside a network on an evolving basis, without using training data or customized models. This allows it to detect cyber-attacks that may not have been observed before, the unknown unknowns.
Legacy approaches to cyber security embody the second revolution: people describe what an attack looks like and then ask the computer to look for a match to that description. Darktrace turns this paradigm on its head, embodying the third machine revolution: the computer autonomously finds anomalous areas within large data sets, and makes intelligent judgements accordingly. This self-learning capability is transformative, allowing organizations to embrace interconnected networks, while defending their critical data and reputation.
Our unique expertise in cyber defense operations and ground-breaking, self-learning technology allows organizations to keep up with the speed and sophistication of today's attackers.
Whether defending against an APT or an insider attack, Darktrace understands the human traces behind every attack. Our solutions are anchored in Enterprise Immune System technology, which detects subtle indicators of compromise and threatening behaviors, even when those behaviors are brand new, complex and constantly changing.
The age of surrounding your information with higher and higher walls is over. Legacy approaches permanently leave you a step behind. Darktrace moves at the same speed as the threat, automatically learning from an organization's ongoing activity in real time to detect threat behaviors as they emerge.
The foundations of Darktrace’s unique approach lie in cutting-edge machine learning and mathematics developed at the University of Cambridge. With technical teams made up of world-class mathematicians and technical experts who themselves helped develop the groundbreaking Recursive Bayesian Estimation (RBE) theory that lies at the heart of the unique Enterprise Immune System technology, Darktrace is able to exceed the boundaries set by legacy approaches to cyber security.
Bayesian mathematics allows for meaning to be drawn from large, profuse data sets, and for estimated probabilities of a given event to be updated as more information is observed. Recursive Bayesian Estimation allows for this approach to be applied without the need for a supercomputer.
The founders of Darktrace include senior members of the UK government’s cyber community from MI5 and GCHQ, and Lord Evans, former Director-General of MI5, sits on the advisory board.
Our expert team have had experience on the frontline of cyber defense, and have been responsible for the protection of critical national assets – people, public services, and core intellectual property – from some of the most insidious threats in operation, including both sophisticated insider attacks and large-scale, state sponsored espionage groups. Darktrace’s team has now expanded to include experts from intelligence communities globally, such as the NSA and CIA, with backgrounds ranging from threat analysis to senior intelligence positions.