Darktrace updates flagship platform to aid security teams
Darktrace has announced the general availability of a new update to its flagship platform, designed to help human security teams with a simplified workflow that allows them to operate at scale under a demanding cybersecurity landscape.
With more than 80 new features and 70 additional machine learning models, there are three main categories of upgrades, the company states:
- A new UX/UI design enhancing and streamlining workflows.
- Explainable AI that communicates decisions and actions in plain English.
- AI capable of making micro-decisions allowing human experts to make macro-decisions.
The Enterprise Immune System, the AI detection engine, has both improved usability and a streamlined workflow, Darktrace states.
Customisable filters are now able to display threats by classification, for instance critical incidents or those relating to compliance. In addition, users can view model breaches based on device type to help quickly identify those in the most vulnerable position.
Threat investigation displays can show model breaches according to where they fit within the MITRE ATT-CK framework and integrations with various third-party CVE providers enrich context and provide additional vulnerability insights.
Darktrace's Cyber AI Analyst product, an automated investigation technology, has also undergone changes to explain the processes behind the AI-powered analysis, investigation and reporting - all of which it does in a more comprehensive way, the company states.
Cyber AI Analysts incident display leverages a application of natural language processing to clearly outline the steps a human analyst would take if analysing the same activity, and highlights a concise incident summary outlining each stage, which is easy to understand and quick to triage.
It also displays events linked to a particular incident, associated users, destination ports, protocols used, as well as a full breakdown of the actions that were taken by the technology.
In addition, Antigena, Darktrace's Autonomous Response technology, has been extended to new coverage areas within a digital enterprise, including a new configuration area for endpoint devices as well as combined SaaS and email coverage.
By establishing areas of the business where Antigena can autonomously neutralise in-progress attacks in real time, without the need for human input, operators are empowered to be more strategic.
Machine learning makes thousands of micro-level decisions, allowing human analysts to operate on a macro level, making the important decisions that require business context, while still maintaining full control over their environment.
Darktrace CEO, Jack Stockdale OBE, says, “The hallmark of a great AI solution is the ability to surpass automation to seamlessly blend into users' everyday work rhythm.
"With the latest release of Darktrace's Enterprise Immune System, we really kept the user at the forefront of all UX/UI design decisions, from the beginning to the end of the AI product development life cycle.
"When developing Darktrace Cyber AI products, our goal is to augment and uplift the security team to make the task at hand more efficient, so the end product is very intuitive and helps users in their workflow journeys.