Highlights:

  • Leveraging artificial intelligence, the platform shifts security operations from reactive to proactive cyber resilience, pinpointing preemptive security controls and procedures vulnerabilities, thereby thwarting potential exploits.
  • The Darktrace ActiveAI Security Platform offers the flexibility to be customized to meet specific business requirements, including the ability to conduct comprehensive investigations tailored to align with individual operational needs.

Darktrace PLC, a cybersecurity firm specializing in machine learning, unveiled a fresh security platform to mitigate alert exhaustion and shed light on security vulnerabilities, empowering security teams to enhance cyber resilience.

Named the Darktrace ActiveAI Security Platform, this offering integrates Darktrace’s current suite of security products with a range of novel innovations and functionalities.

Leveraging artificial intelligence, the platform shifts security operations from reactive to proactive cyber resilience, pinpointing preemptive security controls and procedures vulnerabilities, thereby thwarting potential exploits. Additionally, the service detects and swiftly responds to familiar and emerging threats while streamlining the investigation of each alert to its resolution, thereby minimizing the need for manual triage.

At the heart of the new platform, the company emphasizes its capability to visualize, correlate, and delve into security incidents spanning cloud, email, network, endpoint, identity, and operational technology realms alongside third-party tools and applications.

Constructed upon Darktrace’s Self-Learning AI engine, the platform employs various AIs that directly relate to the data within each enterprise. This enables it to continually learn the distinctive operations of businesses in real-time, distinguishing between normal and abnormal activities within an organization. In real-time, the AI identifies recognized and emerging threats, offering an autonomous response mechanism that effectively neutralizes active threats while ensuring uninterrupted business operations.

The new service integrates Darktrace Cyber AI Analyst, delivering enhanced explainability, automation, and investigation customization for each security alert. This service enables security analysts to gain insights into the AI’s decision-making process, understanding the rationale behind its conclusions and why specific alerts were not escalated to incidents.

Moreover, the new platform offers the flexibility to be customized to meet specific business requirements, including the ability to conduct comprehensive investigations tailored to align with individual operational needs. This capability enables automatic investigation of every alert, proposing precise autonomous response actions as suggestions.
This mitigates alert fatigue, reduces triage time, and empowers security teams to concentrate on fortifying their defenses and refining incident response strategies with the insights furnished by Darktrace.

Chief Product Officer Max Heinemeyer states, “Security teams are reaching a breaking point, forced into a reactive state by too many alerts, too little time, and a fragmented security stack. The Darktrace ActiveAI Security Platform takes a unique approach from the rest of the industry. It correlates incidents across the digital environment and automates investigations to uplift security teams and free them from the manual, time-intensive alert triage process so they can focus their time on building proactive cyber resilience.”

Darktrace has also introduced new features to augment network visibility and preemptively address threats. The company’s platform integrates with third-party network solutions, enabling access to decrypted traffic feeds and decryption keys. Furthermore, it provides native decryption support for applications on Microsoft Windows and Apple Mac platforms, encompassing internet browsers. A new Firewall Rule Analysis feature also assists in preparing defenses against potential breaches.

The company also unveiled new features within Darktrace/Email, its email protection service, incorporating advanced AI capabilities. The AI enhancements are designed to identify abnormal user behavior and content alterations, surpassing the capabilities of native email providers. They provide comprehensive protection against both accidental and malicious data loss.