Darktrace’s Enterprise Immune System
The Enterprise Immune System is a new technological approach to cyber defense, based on the principle that organizations face a constant level of threat from within. Inspired by the self-learning intelligence of the human immune system, this new approach is delivered by cutting-edge technology that is capable of learning ‘self’ within an organization in real time – enabling it to detect emerging threats that bypass other security controls.
Cyber threats take many forms and are increasingly difficult to predict – like viral DNA, they mutate and evolve constantly in order to survive within their chosen environment. The human body deals with this problem through its immune system, which continually learns about what is normal for our individual bodies and can identify outliers which do not fit that evolving pattern of normality.
Darktrace applies the same logic to the enterprise environment. Enterprise Immune System technology iteratively learns a pattern of life for every network, device and individual user, correlating this information in order to spot subtle deviations that indicate in-progress threats.
Machine learning can be thought of as the third and most recent machine revolution. The first was the replacement of muscle by machine in the industrial revolution. The second involved computers taking over repetitive tasks that had originally been done by people. Machine learning represents computers being able to undertake complex thoughtful tasks.
Darktrace’s unique technology is powered by advanced machine learning, allowing it to learn what is normal for a company’s network environment, so that it can then determine if any behavior is abnormal. This allows it to detect cyber attacks of a nature that may not have been observed before, the unknown unknowns. The ability to self-learn and adapt to a changing environment in real-time allows organizations to reconcile the need for an interconnected workforce, customer base and supply chain, whilst ensuring that they protect against serious, existential threats to their businesses in the most effective and pragmatic way possible.
Legacy approaches to cyber security embody the second revolution: people describe what an attack looks like, and then ask the computer to look for a match to that description. Darktrace turns this paradigm on its head, embodying the third machine revolution: the computer analyzes the data and finds areas that merit human interrogation. It is this capability that allows Darktrace to abandon the legacy approach of rules and signatures, and analyze even fast-moving, sophisticated and unknown threats in real time.
Our unique expertise in cyber defense operations and ground-breaking, self-learning technology allows organizations to keep up with the speed and sophistication of today's attackers.
Whether defending against an APT or an insider attack, Darktrace understands the human traces behind every attack. Our solutions are anchored in Enterprise Immune System technology, which detects subtle indicators of compromise and threatening behaviors, even when those behaviors are brand new, complex and constantly changing.
The age of surrounding your information with higher and higher walls is over. Legacy approaches permanently leave you a step behind. Darktrace moves at the same speed as the threat, automatically learning from an organization's ongoing activity in real time to detect threat behaviors as they emerge.
The foundations of Darktrace’s unique approach lie in cutting-edge machine learning and mathematics developed at the University of Cambridge. With technical teams made up of world-class mathematicians and technical experts who themselves helped develop the groundbreaking Recursive Bayesian Estimation (RBE) theory that lies at the heart of the unique Enterprise Immune System technology, Darktrace is able to exceed the boundaries set by legacy approaches to cyber security.
Bayesian mathematics allows for meaning to be drawn from large, profuse data sets, and for estimated probabilities of a given event to be updated as more information is observed. Recursive Bayesian Estimation allows for this approach to be applied without the need for a supercomputer.
The founders of Darktrace include senior members of the UK government’s cyber community from MI5 and GCHQ, and Lord Evans, former Director-General of MI5, sits on the advisory board.
Our expert team have had experience on the frontline of cyber defense, and have been responsible for the protection of critical national assets – people, public services, and core intellectual property – from some of the most insidious threats in operation, including both sophisticated insider attacks and large-scale, state sponsored espionage groups. Darktrace’s team has now expanded to include experts from intelligence communities globally, such as the NSA and CIA, with backgrounds ranging from threat analysis to senior intelligence positions.