Before turning to Darktrace, Bank One already had well-tuned traditional email security tools firmly in place, which were successful in dealing with spam and known attacks. However, with the pace of attacker innovation, the organization sought to extend its security stack with technology that analyzed each email in context and protected against the most sophisticated threats which often evade traditional email tools on the marketplace. Darktrace's Antigena Email has provided an additional layer of defense against:

Advanced impersonation attacks: Modern impersonation attacks involve the attacker inserting themselves in existing conversations between the bank and its customers, using spoofing techniques and sending fraudulent transaction requests.

‍
Advanced spear phishing using cloud services: Phishing attacks in which the email does not contain any direct phishing link or malicious content, but the recipient is directed to a genuine page which in turn contains the phishing  link or malware.

‍
Novel malware: Newly released malware for which there is no Threat Intelligence available.

‍
"Antigena  Email  has  helped  us  address  a  major  security  concern,"  explains Sanjeev Jhurry,  Head  of  Information  Security  at  Bank  One.  "It  is  like  having one additional resource on the team; we are very impressed."
"Darktrace's AI complements our traditional email security systems as it adds another protection layer on top of predefined rules," said Mathieu Mariole, Information Security Manager at Bank One. "The number of threats is increasing every day and it's clear that traditional defenses are not bulletproof. Darktrace's AI helps us detect novel and sophisticated attacks that evade traditional tools".

Antigena Email proved its value after it stopped a supply chain attack targeted Bank One, in which a trusted partner's account was taken over and emails were sent to Bank One disguised as legitimate RFPs but containing malicious links. Antigena recognized these emails were unusual in the context of prior correspondence and locked the links, effectively containing the attack.
"It has been almost perfect in stopping malicious emails," explained Sanjeev. "We have started producing metrics on its capabilities and I must say it's impressive. I find it impossible now to imagine life without having this system protecting our emails."
The technology also frees up the team, allowing them to spend their time on more strategic work. As Mathieu explains, "as a small team, we could not afford to be constantly triaging emails or to look through logs and make sure that everything is working as intended."
Antigena Email has been a set-and-forget solution, requiring next-to-no manual configuration as it constantly learns about new threats and malicious behaviors by itself.
After seeing the power of Darktrace's AI in the email layer, Bank One is now trialing Darktrace's Enterprise Immune System to detect network-based threats. The technology uses the same underlying approach as Antigena Email, learning normal behavior and spotting subtle anomalies that indicate a cyber-threat. Having different areas of their digital infrastructure protected by a single approach will further improve the ability of the AI to detect and respond to emerging threats across the network and email layers.