Post on 08-Oct-2020
World-leading Cyber AI
An Immune System Approach
Company Overview
o World-leading artificial intelligence for cyber defence
o Founded in 2013 by mathematicians
o Headquarters in San Francisco and Cambridge, UK
o Creators of Cyber AI and Autonomous Response technology
o $1 billion in cumulative bookings
o $2bn+ valuation
o 3,500 customers across all industries
Asymmetry of Cyber Threat
Attacking is getting easier
o Machine-speed attacks
o Sophisticated email phishing
o Stealthy ‘low and slow’ attacks
o Offensive AI
Defending is getting harder
o Cloud and IoT
o Mobile and home working
o Fragmented digital businesses
o Overwhelmed security teams
The Limitations of the Legacy Approach
Darktrace’s ability to see and autonomously respond to the known knowns and unknowns is unparalleled by any other product out there, and has ushered Darktrace to the leader of the pack
- Aite Group
Real machine learning is hard to get right
o Needs to learn ‘on the job’, unsupervised
o Constantly evaluates new evidence and changing environments
o Needs to understand patterns and inference
o Needs to respond in real time
Legacy approach
o Reliant on rules, signatures, and training data
o Cannot work without configuration or tuning
o Unable to deliver value immediately
o Limited scalability and adaptability
Darktrace Cyber AI Platform
Technology Architecture
Enterprise Immune System
o Analogous to the human immune system
o Entirely self-learning – no rules or configurations
o Evolving sense of ‘self’
o Detects completely new, unknown threats
o 100% visibility into every device, connection and incident
o Installs in one hour – no configuration or maintenance
o Scalable – up to millions of devices
The Enterprise Immune System has exceeded expectations. The visibility and intelligence it provides is truly unmatched.
- ZPower
Darktrace Antigena: Autonomous Response
o Autonomous, surgical interruption of attacks
o Reacts faster than human teams
o No impact on normal, legitimate activity – business as usual
o Customisable and controllable
o Mobile app for 24/7 oversight
o Improves functionality of other tools in a SOC
o Frees up human teams to focus on what matters
o Responds to a threat every three seconds
o Four modules: Email, Cloud, Network, Host
Antigena can autonomously and precisely contain in-progress attacks. Darktrace is fundamentally transforming how we defend our systems.
- Layton Construction
You can't bring a human to a machine fight
Cyber AI Analyst: Augmenting Humans
The AI Analyst helps reduce noise more than any other technology... There is no other vendor on the market able to offer the same AI-driven investigation and analysis of cyber-threats.
- Chris Kissel, Research Director, IDC
o Combines human expertise with speed and scale of AI
o Performs initial role of a human analyst, to the same standard
o Continuously investigates all threats
o Reduces triaging time by up to 92%
o Automatically writes reports in executive-friendly language
Covers Your Entire Digital Business
o Cloud
  o Cloud-native Cyber AI
  o Works across containers and virtualised environments
  o SaaS, IaaS, and hybrid environments
o Email
  o Understands emails in context
  o Prevents attacks and spoofs before delivery
  o No reliance on blacklists
o Host
  o Detects threats inside machines
  o Provides visibility and control of devices
  o Enables more precise Antigena actions
o SCADA and IoT
  o Secures industrial systems and 5G sensors
  o Protocol and technology agnostic
  o Deploys passively without agents
Darktrace represents a new frontier in cyber-defence. We now have real-time coverage across our SaaS applications and cloud containers.
- City of Las Vegas
Darktrace’s adaptive self-learning approach and 3D Threat Visualizer have made our jobs more efficient than we ever thought possible.
- H&M International Transportation
Live Demo
Darktrace Proof of Value
o Foundation POV: Enterprise Immune System + Antigena Email O365 (optional)
o 30-day trial, no commitment
o Deploys in 1 hour
o Dedicated Cyber Technologist
o Next steps:
  ✓ Sizing call
  ✓ Weekly meetings
  ✓ Bespoke Threat Intelligence Reports
Darktrace brings immediate value with little effort on the part of security teams.
- TruWest Credit Union
Deployed in under an hour, the AI platform instantaneously impressed us with its ability to detect emerging threats, that our other tools have no way of catching.
- International Baccalaureate
Customer Testimonials
“They have a fantastic interface – probably the best interface I’ve seen in my life, I’m not exaggerating.”
- CTO, IT solutions
“The team was fabulous. Putting it on our network and configuring it took less than a day.”
- CIO, Non-profit
“Darktrace gives you a holistic view of the network in a beautiful GUI. You can see anything that sits on any part of your network, any endpoint, any subnet.”
- CIO, Non-profit
“Another reason we chose Darktrace was because the installation took hours instead of days or weeks”
- CTO, IT solutions
“It’s constantly learning. My SIEM only finds what you’re smart enough to tell them to alert on”
- CISO, Payments
“It’s catching things none of our other layers are catching. Our SIEM mostly looks at North/South traffic whereas Darktrace really digs into East/West traffic.”
- IT & Operations, Public company
“Cisco IDS had a lot of noise. With Darktrace we can prioritize and I get 10 real alerts instead of 1,000.”
- CISO, Financial Services
“One of the greatest strengths is easy implementation as opposed to incubating-type technologies.”
- CISO, Education
“The value is that it gives us a different perspective. For the nominal amount of money I’m paying – it’s paying for itself.”
- CISO, Payments
“My SOC manager thinks Antigena is amazing. Detection remediation being automated is exciting. Right now Darktrace is just tipping you off.”
- CISO, Payments
Video Conferencing Camera Hack
Industry: Retail
Point of entry: Video conferencing camera
Apparent objective: Transmitting data outside the network
Anomalous activity detected:
o Camera had been compromised by a remote attacker
o Attacker was aiming to either:
  • Steal corporate information
  • Take remote control of the device to launch a DDoS attack on another network
Serpent Ransomware Infection
Industry: Oil & Gas
Point of entry: Corporate network
Apparent objective: Infect OT and IT environments with ransomware
Anomalous activity detected:
o Series of connections to rare destinations via internal proxy server
o Anomalous communications and downloads detected
o Pattern of behavior for Serpent infection identified
Internal Data Theft From the Cloud
Industry: Retail
Point of entry: Third-party cloud service
Apparent objective: Download customer database and sell for a profit
Anomalous activity detected:
o Customer database held on a third-party cloud
o IT manager downloaded contact details and credit card numbers, then transferred them to a home server
o The employee was likely intending to sell the information for a substantial profit
IP Targeted by Advanced Malware
Industry: Medical Manufacturing
Point of entry: Disguised malicious document
Apparent objective: Encrypt crucial system files and spread to subsequent victims
Anomalous activity detected:
o Malware designed to target intellectual property disguised in email as invoice
o Employee unintentionally downloaded fast-acting malware
o Darktrace Antigena responded, preventing spread of malware across the business
Spear-phishing Campaign
Industry: Government
Apparent objective: Execute malicious payload
Anomalous activity detected:
o Sophisticated phishing campaign
o Attacker got hold of city’s address book, sending emails alphabetically from A to Z
o Each email tailored to each recipient
o Malicious link hidden behind a button
o Antigena caught it at ‘A’ (in Passive Mode) - other tools caught it at ‘R’