Darktrace platform enhancements provide additional vulnerability insights
Darktrace announced a new update to its flagship platform, empowering human security teams with a simplified, streamlined workflow that allows them to operate at scale under an increasingly demanding cyber security landscape.
With over 80 new features and 70 additional machine learning models, there are three main categories of upgrades:
- A new UX/UI design enhancing and streamlining workflows.
- Explainable AI that communicates decisions and actions in plain English.
- AI capable of making micro-decisions allowing human experts to make macro-decisions.
The Enterprise Immune System, the AI detection “engine,” has both significantly improved usability and a streamlined workflow. Customizable filters are now able to display threats by classification, for instance “critical” incidents or those relating to compliance. In addition, users can view model breaches based on device type to help quickly identify those in the most vulnerable position. Threat investigation displays can show model breaches according to where they fit within the MITRE ATT&CK framework and integrations with various third-party CVE providers enrich context and provide additional vulnerability insights.
Darktrace’s Cyber AI Analyst product, an automated investigation technology, has also undergone changes to explain the processes behind the AI-powered analysis, investigation, and reporting all of which it does in a more comprehensive way. Cyber AI Analyst’s incident display leverages a unique application of natural language processing to clearly outline the steps a human analyst would take if analyzing the same activity, and highlights a concise incident summary outlining each stage, which is easy to understand and quick to triage. It also displays events linked to a particular incident, associated users, destination ports, protocols used, as well as a full breakdown of the actions that were taken by the technology.
Antigena, Darktrace’s Autonomous Response technology, has also been extended to new coverage areas within a digital enterprise, including a new configuration area for endpoint devices as well as combined SaaS and email coverage. By establishing areas of the business where Antigena can autonomously neutralize in-progress attacks in real time, without the need for human input, operators are empowered to be more strategic. Machine learning makes thousands of micro-level decisions, allowing human analysts to operate on a macro level, making the important decisions that require business context, while still maintaining full control over their environment.
“The hallmark of a great AI solution is the ability to surpass automation to seamlessly blend into users’ everyday work rhythm. With the latest release of Darktrace’s Enterprise Immune System, we really kept the user at the forefront of all UX/UI design decisions, from the beginning to the end of the AI product development life cycle,” said Jack Stockdale OBE, CTO Darktrace. “When developing Darktrace Cyber AI products, our goal is to augment and uplift the security team to make the task at hand more efficient, so the end product is very intuitive and helps users in their workflow journeys.”