Darktrace fills the gaps between security systems that are often siloed and allows for more effective allocation of staffing resources.
At a glance:
Relies on Microsoft and Darktrace for protection across multi-cloud environments
Self-Learning AI protects the entire enterprise – from cloud to endpoint devices
Automated investigations with Cyber AI Analyst buy back time for the security team
Defending the Cloud With AI
Scope Markets is 100% cloud-based, utilizing public cloud infrastructure and Microsoft 365. While its comprehensive migration to the cloud has facilitated flexible working and fast growth over the last four years, it has simultaneously expanded the attack surface and exposed the organization to new threat vectors.
The team at Scope Markets were already leveraging Microsoft security products – including Sentinel and Defender for Endpoint – to catch known cyber-attacks but turned to Darktrace to complement these solutions with an additional layer of insight. Darktrace uses Self-Learning AI to stop novel and sophisticated threats, the 'unknown unknowns' that evade signature-based tools.
The technology was set up in under an hour and immediately began learning from scratch, developing a continuously evolving 'pattern of life' for the organization, enabling it to detect subtle deviations indicative of attack.
Unified visibility and multidimensional insight are critical to ensuring protection for organizations like Scope Markets that fully leverage the cloud. Darktrace's Self-Learning AI correlates activity across SaaS applications, like Salesforce and Microsoft 365, cloud services, like AWS and Azure, and all on- and off-premises digital infrastructure to detect any and all malicious activity.
Furthermore, Darktrace's open architecture enables seamless integrations with disjointed defenses, streamlining alerts for the IT security team and instantly correlating insights across multiple silos.
Endpoint Security: A Holistic View
Darktrace's Self-Learning AI takes into account activity from across the enterprise – from cloud applications to the corporate network, and down to the endpoint – something the security team found particularly valuable following the sudden transition to remote working in 2020.
Employees who were previously protected behind firewalls on office desktops were left more vulnerable to fraudulent or malicious websites. Having Darktrace on the endpoint shed light on anomalous activity that could expose the business to harm.
Learning the unique 'patterns of life' for every user and device within Scope Markets' cyber ecosystem, Darktrace provides a holistic view of the digital business to detect subtle indications of cyber-threat.
According to Scope Markets' Head of IT Infrastructure, Terry Wright, "If something unusual happens on the endpoint and, minutes later, something unusual happens on Microsoft 365, Darktrace can recognize them as part of the same incident. We didn't have that before."
Augmenting the Human With Autonomous Investigations
In addition to protecting against novel and sophisticated threats, Darktrace helps augment the security team at Scope Markets with Cyber AI Analyst, which automatically triages, interprets, and reports on the full scope of security incidents.
The technology combines expert analyst intuition with the consistency, speed, and scalability of AI. Wright's team use Cyber AI Analyst to illuminate the highest priority threats at any one time, with the technology rapidly synthesizing all of the context around an attack into a natural language report. "Our alerts can be filtered with Self-Learning AI so that they're more relevant, saving time for our security team and enabling more efficient allocation of staffing," says Wright.
Self-Learning AI investigates behavior on the endpoint alongside behavior in Microsoft 365 and across our entire cloud environment.