DarkTrace's Enterprise Immune System uses Artificial Intelligence (AI systems) and unsupervised machine learning to understand what is normal in your network, and subsequently detect and respond to anything abnormal; this is not end-point security or perimeter-based security - it is situated at the core of the network, providing raw data and protecting against attacks coming in through any kind of computing devices. Any kind of 'smart' device is vulnerable – from cell phones and tablets to refrigerators and fish tanks. The AI learns itself in real time and is scalable up to millions of devices. It detects all forms of cyber-threat and fights back autonomously.
Artificial Intelligence and Computer Security Through Antigena
The automated response component of the Enterprise Immune System is known as Antigena. Antigena is a 'Digital Antibody' that is powered by AI technology and a sophisticated machine learning algorithm. Today's threats are fast and automated, and teams are struggling to keep up with security threats. Antigena responds to threats within two seconds with highly targeted, measured actions. Only actions directly related to the incident at hand will be blocked so as not to disrupt normal business operations.
The AI learning algorithm, 'Patterns of Life,' which are essentially patterns of normalcy, at multiple levels: device, individual, peer group, network, etc. The analysis is done vertically, as well as laterally, to ensure all patterns are learned. Because the AI learns what is normal at all levels of the network, there are no predetermined notions of what constitutes an attack built into the solution. The AI detects and responds to any abnormal or unusual event. For known attacks, such as the WannaCry virus, updates can be pushed through the software. The information security solution functions in real time, so you can replay a threat and watch the events leading up to the anomalous activity.
Antigena Security Solution Features
There are several features built into the solution at no additional cost to users. The omni-search bar at the top of the interface can be used to target an individual, a particular IP Address, or other specific units for closer monitoring. 'Ask the Expert' functions as a sort of Help Desk. Drag and drop any incident into the window and add notes to seek advice from your designated technician. The Executive Threat Report summarizes network activity at a high level for multi-department meetings and other similar purposes. The Dynamic Threat Dashboard is a favorite view among users, as it shows all abnormal activity and the details surrounding it in one pane of glass. Dark Trace has integrations with technology partners such as Palo Alto and Spunk, but it features an Open API.
If you have any questions about Vandis’ service offerings and how we can help improve your security and efficiency in the cloud, reach out to us today. Lastly, be sure to keep up to date with any future events we have in the pipeline to stay on top of computer security industry.