Darktrace, a global leader in cybersecurity AI, today, has officially announced the launch of Darktrace ActiveAI Security Platform, which leverages the company’s existing best-in-class security products, a set of new industry-first innovations and features, and AI to transform security operations and improve cyber resilience. According to certain reports, the stated platform comes decked up with an ability to identify weaknesses in security controls and processes before they are exploited, Capable of detecting and responding to both unknown and known threats, the Darktrace ActiveAI Security platform can also automate the investigation of every alert to completion, and therefore, reduce the manual triage process. Markedly enough, this the platform can do across cloud, email, network, endpoint, identity, and OT, as well as third-party tools and applications. Talk about the whole value proposition on a slightly deeper level, we begin from the solution’s promise to conceive more explainable, automated, and customizable investigations for all alerts. You see, by banking upon Darktrace Cyber AI Analyst™, the stated solution will now be able to reveal the results of its investigations for every security alert, rather than just those escalated to an incident. Interestingly enough, users can also configure this Cyber AI Analyst™ to perform investigations that are tailored to each business’s unique needs.
Next up, we have the decryption feature where new integrations with third-party network solutions are available to provide users with decrypted traffic feeds and decryption keys. Here, you are also likely to come across native decryption for Microsoft Windows and Apple Mac applications, including internet browsers. Joining that would be the new firewall analysis to pre-empt threats. This talks to how Darktrace’s PREVENT/End-to-End™ solution, which provides pre-breach preparation, now has the necessary means to analyze firewall rules. Such a feature, like one might guess, enables the solution to have a more comprehensive view of potential unauthorized traversal points or attack paths within IT, OT, or in between, thus giving the user a better chance at identifying risks in configuration and pre-empt threats.
Beyond that, Darktrace took this opportunity to also introduce enhancements for its best-in-class email and OT security solutions. In the former’s case, the company will deliver new data loss prevention capabilities that are to use AI to detect abnormal user behavior and changes across content beyond those offered by native email providers. Then, we have the prospect of availing coverage for Microsoft Teams. This includes detecting and stopping novel, insider, and sophisticated early phishing threats across the solution, threats which are often missed by other solutions, especially when communications span both collaboration and email tools. Moving on to is a new Mailbox Security Assistant, it is understood to reduce reporting of potential false positives by upto 60 percent. You see, using natural language summary and context of why an email may be malicious, the solution improves user’s knowledge and decreases the risk of successful phishing attempts.
As for the updates introduced across Darktrace/OT, they transcend capabilities your traditional Common Vulnerability and Exposure (CVE) scoring to help organizations identify, prioritize, mitigate, and continuously review the risks, as well as potential attack paths that are specific to their OT infrastructure. On top of that, Darktrace/OT is now well-equipped to evaluate each business’s defenses against the tactics of Advanced Persistent Threat (APT) Groups. Hold on, there is more, considering we still haven’t mentioned the solution’s newfound ability to map MITRE techniques and known threat groups tools, tactics, and procedures (TTPs) against unique attack paths identified within the business.