- New innovations in the Darktrace ActiveAI security platform provide more complete visibility across the enterprise, helping security teams proactively improve cyber resilience by eliminating alert fatigue and uncovering security gaps. Become.
- The platform is being introduced in an era of increasing AI-enhanced threats, with new research finding that 74% of security professionals believe these threats are already having an impact, while 60% Reports that the organization is not ready.
cambridge, england, April 9, 2024 /PRNewswire/ — Darktrace, the global leader in cybersecurity AI, today announced the Darktrace ActiveAI Security Platform™. The platform adds a series of new industry-first innovations and capabilities to Darktrace's existing best-in-class security products, including email and operational technology (OT). The platform uses AI to transform security operations from reactive to proactive and improve cyber resiliency. To empower human security analysts, the platform identifies weaknesses in security controls and processes before they can be exploited, detects and responds to unknown, known, and new threats, and Automate the investigation of alerts to completion and reduce manual triage processes. At the core of this platform is the ability to visualize, correlate, and investigate security incidents across cloud, email, network, endpoint, identity, OT, and even third-party tools and applications.
“At Capital Brands, we have a small team, so it's important that we make the most of our technology investments to operate as efficiently and effectively as possible,” he said. . peter hugh, CIO and CTO of Capital Brands, which develops and sells consumer electronics products focused on wellness nutrition for the home in more than 100 markets worldwide. “Darktrace’s platform acts as a force multiplier for us, allowing our team to move away from the purely reactive nature of cybersecurity, where security teams are often one step behind. “It allows us to be more proactive. We have a deep understanding of our environment, and we prioritize in ways we couldn't before. We automatically identify vulnerabilities. This allows us to quickly repair what is important and deprioritize what is not.”
“Security teams are at breaking point, forced into a reactive state with too many alerts, too little time, and a fragmented security stack.” max heinemeyer, Darktrace Chief Product Officer. “Based on 10 years of experience applying AI to transform security operations for thousands of customers, the Darktrace ActiveAI security platform takes a unique approach unlike any other in the industry. Correlate incidents and automate investigations to empower your security teams and improve their security, freeing you from time-consuming manual alert triage processes so you can focus your time on proactively building cyber resilience. Become.”
New report reveals lack of cyber preparedness in world threatened by AI
AI is beginning to amplify the already complex threats facing cybersecurity professionals. The rise of offensive AI, combined with automation and cybercrime-as-a-service, is increasing the speed, sophistication, and success rate of cybersecurity attacks. Multi-stage and multi-domain attacks are now widely used by adversaries to take advantage of lack of visibility and silos to move undetected between systems.
A new report commissioned by Darktrace released today highlights the challenges businesses face in this rapidly evolving cyber threat landscape. Darktrace’s “State of AI Cybersecurity 2024” report surveyed nearly 1,800 security leaders and practitioners across 14 countries and found that 74 percent of respondents said their AI-enhanced We found that although they believe cyber threats are already having a significant impact on their organizations, 60 percent believe they are currently unprepared for that impact. Defend against these attacks. The AI Cybersecurity Report also found:
- Organizations face two of the biggest roadblocks to defending against AI-enhanced threats. It's either lack of knowledge or the use of AI-powered countermeasures.[1] Not enough people to manage tools and alerts[2].
- Security professionals surveyed believe that defensive AI can effectively counter offensive AI, with 71% of respondents saying their AI-enhanced security solutions can detect and block AI-enhanced threats. I answered that I was confident that I could do it. However, only 26% of respondents fully understand what types of AI are currently used in their security stack.
- To prepare for these threats, security teams want to integrate tools. 85% of those surveyed agreed that a platform approach is more effective in stopping threats.
Introducing the Darktrace ActiveAI Security Platform
Against this backdrop, Darktrace introduces the Darktrace ActiveAI security platform to help organizations transform their security operations from reactive threat detection to proactive cyber resilience. The platform includes Darktrace's core detection capabilities and autonomous response capabilities with proactive breach prevention, attack simulation, and recovery capabilities in a single comprehensive solution with a common AI architecture. I am. The platform enables teams to visualize and correlate events across a wide range of domains, including cloud, email, endpoint, identity, network, and OT environments.
The platform is built on Darktrace's self-learning AI engine, which applies multiple types of AI directly to each business' data to understand what's normal and what's not. Continuously learn from your environment. Darktrace's AI detects known, unknown, and new threats in real-time and provides autonomous responses, including active threats, without disrupting operations.
New features and innovations announced today for the Darktrace ActiveAI security platform include:
- More explainable, automated, and customizable investigations for all alerts: Darktrace Cyber AI Analyst™ now reveals findings for all security alerts, not just alerts that have been escalated to incidents. This helps security analysts understand how the AI came to the conclusion that escalation is not necessary. Cyber AI Analyst can now be customized to perform investigations tailored to the unique needs of each business. For example, investigating activity around threat intelligence from third-party alerts for evidence of a cyber incident, or activity surrounding violations of company-specific compliance policies for evidence of insider threats. You can do that. Cyber AI Analyst was first introduced in 2019 and uses AI trained to mirror the way human security analysts conduct investigations. Unique in the industry, it automatically investigates all alerts to completion and identifies precise response actions that can be taken autonomously to contain the threat. Instead of security teams prioritizing just a small portion of alerts, Cyber AI Analyst prioritizes all alerts. This reduces alert fatigue and frees up security team time to focus on proactively strengthening security controls and improving incident handling procedures.
- Decryption: The platform includes new integrations with third-party network solutions that provide decrypted traffic feeds and decryption keys. It also includes native decryption for Microsoft Windows and Apple Mac applications, including Internet browsers.
- New firewall rules analysis to stay ahead of threats: Darktrace PREVENT/End-to-End™ provides breach preparation with the added ability to analyze firewall rules to identify potential unauthorized entry points and attack paths in IT, OT, or in between. We can now provide a more comprehensive view. Identify risks in your configuration and pre-empt threats.
Additionally, Darktrace releases enhancements to its best-in-class email and OT security solution. These solutions can be purchased as standalone products based on each organization's unique project needs.
Darktrace/Email™ includes new features that use AI to stop early-stage phishing, identify early symptoms of account compromise across a broader range of communications, and improve SOC efficiency. New features include:
- New data loss prevention features Use AI to detect anomalous user behavior or content changes beyond what native email providers offer, helping your team identify the full scope of accidental and malicious data loss .
- Microsoft Teams coverage Detect and stop sophisticated early phishing threats from new insiders that other solutions often miss, especially when communications span both collaboration and email tools.
- The new Darktrace/DMARC creates an easy way to help protect your organization. Brand with the industry's first AI-assisted deployment of the Domain-Based Message Authentication (DMARC) email authentication protocol to continuously thwart impersonation and phishing from corporate domain names.
- More robust account takeover protection now helps prevent lateral email breaches It is added to each user's AI behavioral profile to identify early signs of account compromise or malicious insiders before a link or attachment payload is sent and an exfiltration occurs.
- New Mailbox Security Assistant feature reduces potential false positive reports by 60%[3]This saves security teams time on analysis. This feature provides end users with a natural language summary and context of why an email may be malicious. This improves your knowledge and reduces the risk of successful phishing attacks.
- New behavioral link analysis feature This uncovers hidden intent within interactive and dynamic web pages, helping users and security teams detect more sophisticated malicious phishing links.
Darktrace/OT™ includes new capabilities that go beyond traditional Common Vulnerability and Exposure (CVE) scoring to help organizations identify, prioritize, and identify risks and potential attack vectors unique to their OT infrastructure. This will allow for ongoing review. In addition to more effectively identifying and prioritizing risks, Darktrace/OT can now evaluate each company's defenses against Advanced Persistent Threat (APT) group tactics. Darktrace/OT maps MITER techniques and known threat groups' tools, tactics, and procedures (TTPs) against unique attack paths identified within your business.
availability
New features of the Darktrace ActiveAI security platform are expected to be available in early Q2 2024.
additional resources
About Darktrace
Darktrace (DARK.L) is a global leader in cybersecurity artificial intelligence with a mission to free the world from cyber destruction.Breakthrough innovations from our R&D team cambridge, englandand The Hague, Netherlands As a result, more than 175 patents were filed. Rather than studying past attacks, Darktrace's technology continuously learns and updates its knowledge of business data and applies that understanding to transform security operations into a proactive, cyber-resilient state. will help you. Darktrace ActiveAI Security Platform™ can autonomously identify and respond to known and unknown ongoing threats within seconds across your entire organization, including cloud, apps, email, endpoints, networks, and operational technology (OT). We offer a complete lifecycle approach to cyber resilience. . Listed on the London Stock Exchange in 2021, Darktrace employs more than 2,300 people worldwide and protects more than 9,200 customers worldwide from advanced cyber threats. For more information, please visit http://www.darktrace.com.
[1] The rating given by the respondents was 3.36 on a scale of 1 (not at all) to 5 (quite a lot).
[2] The rating given by the respondents was 3.35 on a scale of 1 (not at all) to 5 (quite a lot).
[3] Based on internal Darktrace testing from February. March 2024evaluated the number of emails analyzed and the number of emails reported for users using this feature.
Source Darktrace
