This blog outlines Darktrace's model-based anomaly detection and how security teams can leverage custom models for targeted threat hunts. Recently, Darktrace's Threat Research team applied this method in their report, "AI & Cybersecurity: The State of Cyber in UK and US Energy Sectors."

The biggest sources of risk in the cloud are misconfigurations, IAM failures, and infrastructure that is unprepared to handle cross-domain threats. Learn how AI-powered cloud security tools can help security teams identify and mitigate these risks.

In early 2025, Darktrace uncovered SocGholish-to-RansomHub intrusion chains, including loader and C2 activity, alongside credential harvesting via WebDAV and SCF abuse. Learn more about SocGholish and its kill chain here!

Discover why Darktrace is a launch partner for the Public Preview of Microsoft Azure Virtual Network Terminal Access Point (TAP).

Protecting against supply chain cyber-attacks means safeguarding not just your network, but your customers’ trust. Learn why securing vendor relationships is essential in today’s threat landscape.

Tycoon 2FA uses AiTM phishing and legitimate services to bypass MFA. Darktrace AI stopped it, read the blog to learn how Self-Learning AI detects sophisticated threats.

Learn how NDR and SASE solutions complement and interact with each other to create a robust network security strategy.

Docker is a prime target for malware, with new strains emerging daily. This blog explores a novel campaign showcasing advanced obfuscation and cryptojacking techniques.

Learn why EDR alone is not enough and how NDR uncovers and stops threats that disable or bypass endpoint security.

In a world of growing data volume and diversity, protecting and keeping track of your organization’s sensitive information is increasingly complex – particularly when 63% of breaches stem from malicious insiders or human error. This blog explores how security teams can achieve visibility beyond the limits of data classification, without adding to the burden of data management.

Learn how Darktrace’s DEMIST-2 embedding model delivers high-accuracy threat classification and detection across any environment, outperforming larger models with efficiency and precision.

Discover how Darktrace’s new DIGEST model enhances Cyber AI Analyst by using GNNs and RNNs to score and prioritize threats with expert-level precision before damage is done.

See how Darktrace Cyber AI Analyst™, an agentic AI virtual analyst, cuts through alert noise, accelerates threat response, and strengthens your security team — all without adding headcount.

Discover how anomaly detection deployed across core network segments delivers a more effective approach to ICS security.

Not only has Darktrace Federal achieved its FedRAMP High Authority to Operate, one of the few cybersecurity vendors to do this, but we have also released Darktrace Commercial Government Cloud High/Email, a FedRAMP High-compliant email security solution for customers using Microsoft Government Community Cloud High.

Darktrace detected an email bomb attack flooding inboxes with high volumes of messages, uncovering unusual email patterns and subsequent network anomalies.

While many internal teams contribute to general cloud hygiene, the security team has increasingly taken the lead on cloud security. Learn how AI-powered cloud detection and response tools can help these teams with new responsibilities.

Darktrace / OT is recognized as a Market Leader in the Omdia Market Radar. Read this blog to find out more about Darktrace's leadership in the market and a variety of other unique differentiators and innovations in the OT security industry.

This blog highlights how vulnerability data, collected using Cado's new vulnerability discovery feature, can be fused with threat data to help deepen the understanding of an attack, as well as guide remediation efforts.

Darktrace is proud to announce we’ve been the only Visionary in the inaugural Gartner® Magic Quadrant™ for Cyber-Physical Systems (CPS) Protection Platforms. Read the blog to find out why!

In late 2024, Darktrace detected unusual activity linked to Cyberhaven's Chrome browser extension. Read more about Darktrace’s investigation here.

Part 4/4: Darktrace shared new insights in the annual State of AI Cybersecurity report. This blog explores its findings on defenders’ priorities and objectives going into 2025. Discover the latest trends of major obstacles and the plans to overcome them by downloading the full report.

To strengthen its distributed and complex operations, this global technology leader implemented Darktrace / EMAIL to monitor, detect, and mitigate potential email threats. Read the blog to discover their results.

Part 3/4: Darktrace releases insights on the State of AI in cybersecurity. This blog discusses the impact of AI-powered attacks and the capabilities of AI defense on the SOC.

In 2024, Darktrace identified a cluster of intrusions involving the state-linked malware, ShadowPad. This blog will detail ShadowPad and the associated activities detected by Darktrace.