Darktrace Unveils Self-Learning AI-based Cloud-Native Security Solution

Highlights:

• The latest version incorporates universal attack route modeling, which offers a dynamic perspective of potential attackers’ next moves.
• The service integrates real-time anomaly and threat detection with deep knowledge of cloud attack paths through cloud-native autonomous response actions.

Darktrace PLC, a machine learning cybersecurity company, unveiled a new solution that helps security teams manage misconfigurations and bolster compliance by offering complete visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized actions and recommendations.

With its unique self-learning artificial intelligence, the new Darktrace/Cloud solution aims to solve the problem that over 99% of cloud breaches stem from user error, account takeovers, and misconfiguration.

According to Darktrace, security experts find it challenging to maintain visibility and stay on top of misconfigurations in cloud settings, which increases risk and compliance. The emergence of cloud-native technologies, such as microservices, Kubernetes, and containers, has added to the mix and created additional difficulties in identifying and countering known and unknown threats.

The latest version of Darktrace/Cloud includes new features comprising architecture modeling and complete visibility, which provide insights into how cloud environments evolve. The visibility is dynamically built by utilizing configuration, network, user, identity, and access management data. Darktrace creates lifecycle patterns for identities, services, and cloud resources to determine who can access what and how.

The latest release incorporates universal attack path modeling, which offers a dynamic perspective of potential attackers’ next moves. Darktrace is a platform strategy that offers insights about threats from other covered areas of the organization, such as network and email and combines real-time cloud data and a thorough understanding of a cloud environment to highlight potential attack paths and prioritize critical assets to safeguard.

According to the firm, the release’s real-time, cloud-native threat detection and response offers a dynamic picture of known and unknown risks inside the cloud. The service integrates real-time anomaly and threat detection with deep knowledge of cloud attack paths through cloud-native autonomous response actions.

The service provides prioritized cloud posture monitoring, which includes comparing cloud setups to standard compliance frameworks. Darktrace offers a prioritized list of the things to address when misconfigurations are found. This list is based on a risk profile created from a security and business context.

Additional features include flexible deployment options, improved communication, and collaboration tools to expedite workflows between security and DevOps teams, and cost discovery to give a better understanding of cloud resource usage.

Organizations may quickly be up and running with deployment choices that, by default, include an agentless deployment. Teams can choose where to deploy agents for increased real-time actions and deeper inspection using a dynamic architectural perspective and risk context.

Jack Stockdale, Chief Technology Officer, said, “Our Self-Learning AI continuously learns patterns between workloads, assets, policy configurations, and identities to provide a dynamic view of cloud architectures. We analyze the entire cloud stack from data to the control plane, combining an understanding of architecture and network with a new flexible, scalable deployment model.”