iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
Darktrace has released a new update to its flagship platform designed to empower human security teams with a simplified, streamlined workflow that allows them to operate at scale under an increasingly demanding cyber security landscape.
Darktrace’s Cyber AI Analyst product, an automated investigation technology, has also undergone changes to explain the processes behind the AI-powered analysis, investigation and reporting all of which it does in a more comprehensive way.
Cyber AI Analyst’s incident display leverages a unique application of natural language processing to clearly outline the steps a human analyst would take if analysing the same activity, and highlights a concise incident summary outlining each stage, which is easy to understand and quick to triage. It also displays events linked to a particular incident, associated users, destination ports, protocols used, as well as a full breakdown of the actions that were taken by the technology.
Antigena, Darktrace’s autonomous response technology, has also been extended to new coverage areas within a digital enterprise, including a new configuration area for endpoint devices as well as combined SaaS and email coverage.
By establishing areas of the business where Antigena can autonomously neutralise in-progress attacks in real time, without the need for human input, operators are empowered to be more strategic. Machine learning makes thousands of micro-level decisions, allowing human analysts to operate on a macro level, making the important decisions that require business context, while still maintaining full control over their environment.
With over 80 new features and 70 additional machine learning models, there are three main categories of upgrades:
The Enterprise Immune System, the AI detection “engine”, has both significantly improved usability and a streamlined workflow. Customisable filters are now able to display threats by classification, for instance “critical” incidents or those relating to compliance.
In addition, users can view model breaches based on device type to help quickly identify those in the most vulnerable position. Threat investigation displays can show model breaches according to where these fit within the MITRE ATT&CK framework and integrations with various third-party CVE providers enrich context and provide additional vulnerability insights.
According to Jack Stockdale OBE, CTO at Darktrace, the hallmark of a great AI solution is the ability to surpass automation to seamlessly blend into users’ everyday work rhythm.
“With the latest release of Darktrace’s Enterprise Immune System, we really kept the user at the forefront of all UX/UI design decisions, from the beginning to the end of the AI product development life cycle.
“When developing Darktrace Cyber AI products, our goal is to augment and uplift the security team to make the task at hand more efficient, so the end product is very intuitive and helps users in their workflow journeys,” Stockdale said.
[Related: Viatek achieves critical information security and quality management certifications]
Be the first to hear the latest developments in the cyber industry.
