The post MDR Service Launched by Darktrace to Bolster Security Operations appeared first on Digital IT News.
]]>Darktrace has introduced its new service, Darktrace Managed Detection & Response (MDR). This service integrates its top-tier detection and response capabilities across the enterprise with the expertise of its global analyst team. This combination enhances internal security teams with AI-driven threat containment and expert alert management within Darktrace environments, enabling them to allocate resources to more strategic security initiatives, such as enhancing cyber resilience.
Over 40% of security leaders cite enhancing and optimizing technology and processes in the security operations center (SOC) as a top priority for improving defenses against the rise of AI powered threats according to the Darktrace State of AI Cybersecurity 2024 report. As a leader in applying AI to the challenge of cybersecurity, Darktrace has transformed security operations for thousands of customers for more than a decade. Building upon this expertise Darktrace introduced its MDR service in March 2024, empowering customers to maximize the benefits of effective human-AI collaboration. The service offers customers expanded hands-on analyst support with 24/7 managed detection and response, featuring SOC investigation and action on Darktrace alerts, across network, cloud, operational technology (OT), endpoints and software-as-a-service (SaaS) applications.
With MDR, Darktrace’s SOC team will monitor customer environments for high priority alerts indicative of an attack, conduct investigations to alert customers of potentially severe incidents and begin initial triage with human engagement on the AI’s actions. The SOC will carefully review the response measures the autonomous AI has taken and subsequently take proactive steps on behalf of the customer to contain threats, which may include extending or escalating response actions. By doing so, the SOC buys valuable time for internal teams to prepare for engagement while also gathering essential context for effective remediation efforts.
Darktrace’s existing global SOC team comprised of 100+ world-class cybersecurity analysts support the service, offering a breadth of real-time knowledge, threat analysis and containment expertise, and extensive field experience. Darktrace’s SOC offers 24/7 support, utilizing a follow-the-sun model with operations headquartered in the United Kingdom, United States and Singapore, to ensure analysts are available and ready to support around-the-clock.
The service builds upon Darktrace’s leadership and expertise with best-in-class detection and response capabilities. The Darktrace ActiveAI Security Platform utilizes its unique self-learning AI engine to detect known, unknown, and novel threats in real-time and provide an autonomous response to contain active threats without disrupting business operations. However, high-priority threats often require humans to engage and make decisions following the initial containment. Darktrace Managed Detection & Response now enables the Darktrace SOC to immediately step in, conduct the initial triage, and gather context for internal teams, buying them added time to coordinate an effective response to remove the threat. Additional features and benefits of Darktrace Managed Detection & Response include:
- Expansive coverage across network, cloud, OT, endpoints, or SaaS applications offering one of the broadest vendor MDR services available today.
- Unlimited access to Darktrace’s analyst team providing 24/7 support for expert assistance during live threat investigations or even day-to-day operations.
- Semi-annual operational efficiency reports featuring consultancy insight with objectives and recommendations for optimizing and tuning deployments for maximum operational efficiency, and suggestions on improving overall cybersecurity hygiene.
- Quarterly analyst MDR reviews ensuring deployments are reaching their full potential, with tailored advice on streamlining workflows, model optimization and custom use cases.
- Regular MDR service reports summarizing all alerts raised as well as those resolved by Darktrace’s SOC for full transparency of service.
“As cyberthreats become more sophisticated and frequent, organizations are looking for ways to help improve their security outcomes without adding to their team’s existing workloads,” said Denise Walter, Chief Revenue Officer, Darktrace. “Our AI-powered MDR service gives our customers added peace of mind that a Darktrace human expert is monitoring their environment 24/7 to keep them protected. Darktrace Managed Detection & Response brings not only the power of our technology, but the power of our people directly into our customers’ environments.”
Darktrace Managed Detection & Response is available now to customers using Darktrace DETECT
and RESPOND, across Network, Cloud, OT, Endpoints, or SaaS applications. Darktrace partners can re-sell the service, helping to deliver added value for customers with a complementary offering for their existing portfolio.
“At Grove, we are excited to partner with Darktrace to offer their Managed Detection & Response (MDR) service to our clients. This collaboration seamlessly integrates our services and together, Darktrace’s MDR service and our dSOC service, offer unparalleled security through skilled analysis and consistent oversight,” said James Vintin, CEO at Grove Group, a global partner, reseller and distributor focused on defending customers with advanced cybersecurity solutions. “Combining Darktrace’s 24/7 AI-driven threat containment and immediate intervention with Grove’s proactive daily analysis, Indicator of Compromise reports, and continuous customer interaction ensures that potential threats are promptly identified and addressed. Our partnership enhances our clients’ overall security posture and delivers the best of both worlds: immediate and long-term protection against evolving cyber threats.”
To learn more about Darktrace MDR (Managed Detection & Response), visit the website here.
Related News:
Darktrace ActiveAI Security Platform Transforms Security Operations
Netenrich Adaptive MDR Launches for Google Chronicle Security Operations
The post MDR Service Launched by Darktrace to Bolster Security Operations appeared first on Digital IT News.
]]>The post Darktrace ActiveAI Security Platform Transforms Security Operations appeared first on Digital IT News.
]]>Darktrace has unveiled its latest offering, the Darktrace ActiveAI Security Platform, which integrates Darktrace’s top-tier security products with new industry-first innovations and features, particularly in email and operational technology (OT). Utilizing artificial intelligence (AI), the platform shifts security operations from reactive to proactive, bolstering cyber resilience. It aims to empower human security analysts by preemptively identifying vulnerabilities in security controls and procedures, preempting potential exploits, and swiftly addressing both known and emerging threats. Additionally, it streamlines the investigation process by automating the handling of each alert. At its core, the platform facilitates the visualization, correlation, and investigation of security incidents across various domains such as cloud, email, network, endpoint, identity, and OT, along with third-party tools and applications.
“Security teams are reaching a breaking point, forced into a reactive state by too many alerts, too little time, and a fragmented security stack,” said Max Heinemeyer, Chief Product Officer, Darktrace. “Building on a decade of experience applying AI to transform security operations for thousands of customers, the Darktrace ActiveAI Security Platform takes a unique approach from the rest of the industry. It correlates incidents across the digital environment and automates investigations to uplift security teams and free them from the manual, time-intensive alert triage process so they can focus their time on building proactive cyber resilience.”
“At Capital Brands, we have a small team so maximizing our technology investments is crucial to ensure we are operating as efficiently and effectively as possible,” said Peter Huh, CIO & CTO, Capital Brands, which develops and sells domestic appliances with a focus on wellness nutrition to households in over 100 markets worldwide. “Darktrace’s platform acts as a force multiplier for us, allowing our team to move away from the purely reactive nature of cybersecurity – which often leaves security teams one step behind – to a more proactive state. We gain a deep understanding of our environment that helps us prioritize in a way we haven’t been able to in the past. We can automatically identify vulnerabilities so we can quickly remediate the things that matter and deprioritize the things that don’t.”
New Report Finds Lack of Cyber Preparedness in an AI-Threatened World
AI is beginning to amplify the already complex threats faced by cyber security professionals. The rise of offensive AI combined with automation and cybercrime-as-a-service is increasing the speed, sophistication, and success of cyber security attacks. Multi-stage and multi-domain attacks are now widely used by adversaries, who take advantage of a lack of visibility and siloes to move undetected between systems.
A new Darktrace-commissioned report released today underscores the challenges facing businesses in this rapidly evolving cyber-threat landscape. Darktrace’s State of AI Cyber Security 2024 report, which surveyed nearly 1,800 security leaders and practitioners in 14 countries, found 74 percent of respondents believe AI-augmented cyber threats are already having a significant impact on their organizations, yet 60 percent believe they are currently unprepared to defend against these attacks. The report also found:
- Organizations face three top inhibitors to defending against AI-augmented threats: insufficient knowledge or use of AI-driven countermeasures; insufficient personnel to manage tools and alerts; and insufficient knowledge/skills pertaining to internal use of AI technology and its increasing threat.
- Security professionals believe defensive AI will effectively counter offensive AI, with 71 percent of respondents indicating they are confident that AI-augmented security solutions will be able to detect and block AI-augmented threats. However, only 26 percent fully understand which types of AI are used in their security stack today.
- As they prepare for these threats, security teams want to consolidate their tools. Eighty-five percent agreed that a platform approach is more effective at stopping threats.
Introducing the Darktrace ActiveAI Security Platform
Against this backdrop, Darktrace is introducing the Darktrace ActiveAI Security Platform to help organizations transform their security operations from a focus on reactive threat detection to proactive cyber resilience. The platform includes Darktrace’s core detection and autonomous response capabilities with pre-breach prevention, attack simulation and recovery capabilities in a single, holistic solution with a common AI architecture. The platform enables teams to visualize and correlate events across a broad set of domains including cloud, email, endpoint, identity, network, and OT environments.
The platform is built on Darktrace’s Self-Learning AI engine, which includes multiple types of Al that are applied directly to the data of each business so that it can learn the unique business operations in real-time to understand what is normal and what is not. Darktrace’s AI detects known and novel threats in real-time and provides an autonomous response that shuts down active threats without disrupting business operations.
New features and innovations unveiled today in the Darktrace ActiveAI Security Platform include:
- More explainable, automated, and customizable investigations for all alerts: Darktrace Cyber AI Analyst will now reveal the results of its investigations for every security alert, rather than just those escalated to an incident. This helps security analysts understand how the AI reached its conclusion and why escalation wasn’t required. Cyber AI Analyst also can now be customized to perform investigations that are tailored for each business’s unique needs. Darktrace Cyber AI Analyst was first introduced in 2019 and uses AI trained to mirror how human security analysts conduct investigations. Unique in the industry, it automatically investigates every alert to completion and identifies precise response actions that can be taken autonomously to stop threats. Rather than security teams triaging a small portion of alerts, Cyber AI Analyst triages all of them. This reduces alert fatigue, time spent on triage, and frees up time for teams to proactively harden their security controls and refine incident handling procedures with insights provided by Darktrace.
- Decryption: The platform will now include new integrations with third-party network solutions to provide decrypted traffic feeds and decryption keys for increased network visibility. It will also include native decryption for Microsoft Windows and Apple Mac applications, including internet browsers.
- New Firewall Rule Analysis to Pre-empt Threats: Darktrace PREVENT/End-to-End, which provides pre-breach preparation, now includes the ability to analyze firewall rules and provide a more comprehensive view of potential unauthorized traversal points or attack paths within IT, OT or in between, identifying risks in configuration and pre-empt threats.
Additionally, Darktrace has released enhancements to its best-in-class email and OT security solutions, which can be purchased as stand-alone products based on each organization’s unique project needs.
As email continues to be the entry point for most attacks, Darktrace/Email will include new features that use AI to stop early-stage phishing and spot early symptoms of account compromise across a broader range of communications and increase SOC efficiency. The new features include:
- New data loss prevention capabilities that use AI to detect abnormal user behavior and changes to content beyond those offered by native email providers, helping teams identify the full spectrum of accidental and malicious data loss.
- Coverage for Microsoft Teams to detect and stop novel, insider, and sophisticated early phishing threats, often missed by other solutions, especially when communications span both collaboration and email tools.
- New Darktrace/DMARC creates an easy way to help protect an organization’s brand with an industry first AI-assisted deployment of the Domain-based Message Authentication (DMARC) email authentication protocol to continuously stop others spoofing and phishing from a business’s domain names.
- More robust account takeover protection that can now prevent lateral mail compromise with an addition to our AI behavioral profile for each user that spots early symptoms of account compromise and malicious insiders before a link or attachment payload is sent and exfiltration occurs.
- Reducing reporting of benign emails by up to 60 percent by providing end-users with a natural language summary of why an email may or may not be malicious. This helps improve their knowledge and decrease the risk of successful phishing attempts, while also lowering the time spent by security teams analyzing false positive reports.
- New behavioral link analysis capabilities that can reveal hidden intent within interactive and dynamic webpages to help users and security teams detect more sophisticated malicious phishing links.
OT systems, particularly those that power critical infrastructure such as water, health care and utilities, continue to be heavily targeted by nation-state threat actors and ransomware gangs. To help protect these critical assets, Darktrace/OT includes new capabilities that go beyond traditional Common Vulnerability and Exposure (CVE) scoring to help organizations identify, prioritize, mitigate, and continuously review the risks and potential attack paths that are specific to their OT infrastructure. In addition to identifying and prioritizing risks more effectively, Darktrace/OT can now evaluate each business’s defenses against the tactics of Advanced Persistent Threat (APT) Groups. Darktrace maps MITRE techniques and known threat groups tools, tactics, and procedures (TTPs) against unique attack paths identified within the business.
Availability
New features in the Darktrace ActiveAI Security Platform are expected to be available in early calendar Q2 2024.
The post Darktrace ActiveAI Security Platform Transforms Security Operations appeared first on Digital IT News.
]]>The post 96% Of Security Professionals Preparing For AI-Powered Cyber-Attacks appeared first on Digital IT News.
]]>MIT Technology Review Insights surveyed over 300 C-level executives, directors and managers worldwide between December 2020 and January 2021 to understand how they address present and future cyber-threats. Key findings include:
- The top 3 most concerning attacks were email attacks (74%), ransomware (73%) and cloud-based attacks (68%)
- 96% of respondents are preparing for the onset of AI attacks
- 68% expect AI to be used for impersonation and spear-phishing attacks
- 60% believe that human-driven responses fail to keep up with automated cyber-attacks
The report includes a case study from McLaren Racing, the Formula 1 giant, which uses Darktrace’s Autonomous Cyber AI to detect and respond to fast-moving cyber-attacks. The case study details an instance in which the AI stopped a sophisticated email impersonation attack during a busy race weekend.
The report also details insights from Darktrace’s Director of Threat Hunting and former White Hat Hacker, Max Heinemeyer, who explores the security challenges of ‘fearware’, highly targeted scam emails that have exploited the public’s fears around the pandemic.
“Of the individuals surveyed for this report, 60% are C-level executives and directors,” commented Laurel Ruma, Editorial Director, US at MIT Technology Review. “From the results, it is clear that cyber security is a real and significant issue for business leaders – and AI is going to play a very big part in securing all enterprises.”
“These findings show that we are at a watershed moment and business executives are preparing for a new era of attacks,” commented Nicole Eagan, Chief Strategy & AI Officer at Darktrace. “Approaches that are based on analyzing historical attacks will be ill-equipped to defend against Offensive AI. A fundamentally new approach using self-learning technology and autonomous response will be necessary to augment human security teams.”
Image licensed by: Pixabay.com
Related News:
MemVerge Makes Big Memory Apps Sizzle
ASCENT Launches ASCENT Security Compliance Portal
The post 96% Of Security Professionals Preparing For AI-Powered Cyber-Attacks appeared first on Digital IT News.
]]>The post Antigena Email and Enterprise Immune System Designated Marsh Cyber Catalysts 2020 appeared first on Digital IT News.
]]>Darktrace’s core AI threat detection technology, the Enterprise Immune System, and its AI-powered email security solution, Antigena Email, received Cyber Catalyst designation for their unique ability to combat the cyber risks facing organizations today, including ransomware and social engineering. Designated solutions can qualify for enhanced terms and conditions on cyber insurance policies offered by insurers participating in the Cyber Catalyst program, such as AXA XL, Allianz, AXIS and Beazley.
Thomas Reagan, Cyber Practice Leader at Marsh, commented: “The Cyber Catalyst designation signals that leading insurers believe that these Darktrace solutions can help reduce cyber risk, and strongly merits consideration by organizations who seek solutions that yield meaningful improvements in cyber risk outcomes.”
Darktrace’s Enterprise Immune System protects against novel cyber-threats by learning the normal ‘patterns of life’ of an organization, and detecting threats as they deviate from these patterns. In their evaluation, the insurers commented: “This is a unique product where machine learning/AI plays a core part in protecting, detecting, and responding to threats… [providing]a force multiplier to the security operations center.”
Darktrace’s Antigena Email is a self-learning technology that stops targeted email campaigns and impersonation attacks that evade traditional email gateways. The insurers commented: “A very novel context-based approach that asks not whether an incoming email is malicious but crucially whether it belongs – clearly valuable for organizations.”
“This designation reflects the participating cyber insurers’ acknowledgement that autonomous Cyber AI technologies can significantly reduce the business impact of cyber-attacks by empowering organizations to identify and neutralize threats in their earliest stages,” commented Nicole Eagan, Chief Strategy Officer and AI Officer at Darktrace. “We applaud the thorough vetting of technologies that these insurers have performed, the high bar they have set, and the service they are providing to the industry by certifying Darktrace among the vendors in the Cyber Catalyst program.”
Image licensed by Pixabay.com
Related News:
Most Consumers Want Insurers to Handle Personal Cyber Threats as Pandemic Drives Digital Consumption
Business Email Compromise Attacks Rise in 75% of Industries
The post Antigena Email and Enterprise Immune System Designated Marsh Cyber Catalysts 2020 appeared first on Digital IT News.
]]>