• New innovations and integrations bolster visibility, enhance autonomous response, and introduce additional proactive risk management capabilities for evolving perimeter-less and distributed network architectures.

CAMBRIDGE, UK, April 22, 2025 — Darktrace, a global leader in AI for cybersecurity, today announced enhancements to its Network Detection and Response (NDR) solution to address the complex demands of modern enterprise networks. These latest innovations and integrations continue to extend beyond traditional NDR solutions to offer deeper visibility, more precise autonomous response, new proactive risk management capabilities, and integrations to augment novel threat detection for Secure Access Service Edge (SASE) and Zero Trust Network Access (ZTNA) technologies.

The news comes on the heels of enhancements to Darktrace Cyber AI Analyst™, which pushes the boundaries of NDR by conducting AI-led investigations of all relevant alerts, including alerts from third party solutions, to reduce triage time and allow analysts to spend more time on validation, response and proactive tasks.

As organizations increasingly rely on hybrid work and distributed cloud applications, the network perimeter has dissolved, creating new blind spots and response challenges for security teams. With adversaries using cloud services to move undetected throughout the network, it’s critical that security teams use AI-powered solutions to accurately detect and contain known and novel attacks at machine speed anywhere in the enterprise. AI can also use its knowledge of how an organization works to guide security teams on how to proactively prevent threats and reduce risks across their people, process, and technology. According to Darktrace’s 2025 State of AI Cybersecurity report, 55% of security professionals expect defensive AI to have the biggest impact on network security.

“At Darktrace, we’re not just enhancing NDR, we’re redefining it. Unlike traditional NDR solutions that rely on signature-based approaches to catch known threats, Darktrace uses Self-Learning AI to find unknown threats that these systems miss," said Connie Stride, SVP of Produce, Darktrace. "We’re providing the visibility, real-time detection and autonomous response capabilities that customers need to defend against fast-moving and changing threats—whether they originate from a remote worker device, a misconfigured SaaS app, or a compromised internal server. These new features and integrations are designed to help organizations rebuild their security operations around AI and create proactive cyber resilience to protect their complex digital environments.”

Highlights of the new capabilities include:

• Increased Visibility of Threats to Remote Workers with Netskope Cloud TAP: A new integration with Netskope enables Darktrace to ingest raw, decrypted network traffic to detect unknown, novel and active threats targeting remote workers using SASE environments. The Netskope NewEdge Network enables fast performance for traffic packet capture between users and offices and the Netskope One platform across the globe with the ready-to-use Darktrace integration. This visibility reduces blind spots for customers even as network traffic flows shift further away from traditional network perimeters.
• Enhanced Autonomous Response for Zscaler Private Access: Darktrace can now deliver response actions at machine speed for remote user devices by integrating with Zscaler’s Zero Trust Network Access service. After Darktrace detects an active threat allowed within existing policies, this new capability enables security teams to autonomously shut down access using ZPA and stop suspicious activity on remote devices at machine speed, buying valuable containment time for analysts to confirm investigation results and remediate.
• Support for Decrypted Traffic via Mira: The new integration with Mira ETO allows organizations that choose to decrypt for compliance to analyze network traffic in its plaintext form. This integration maintains the encrypted traffic’s context while enabling more in-depth anomaly detection, adding to Darktrace’s leading Self-Learning AI, which can already detect novel threats without the need to decrypt traffic.
• Custom Routes for Autonomous Response in Complex Networks: A new module allows organizations to define custom pathways for Autonomous Response actions that stop the malicious action while maintaining production activity, allowing for more precise threat containment even in highly segmented network environments.
• Attack Path Finder and New Risk Management Reports: Darktrace is introducing a searchable risk visualization dashboard that maps out all attack paths between assets and vulnerable users, not just the critical paths, helping teams prioritize and proactively build resilience. The solution includes three new automatically generated reports that are designed to highlight the impact and success of risk management activity and demonstrate ROI to stakeholders.‍
• Expanded Protocol Analysis: With new support for WebSocket, Darktrace extends detection coverage into real-time communication channels often used in live chat and streaming applications, which can be targeted by attackers.

These advancements build on Darktrace’s leadership in the NDR space. The company was recently recognized as a Leader in the 2024 IDC MarketScape for Worldwide Network Detection and Response and an overall leader in KuppingerCole’s 2024 Leadership Compass for NDR. Darktrace’s unique approach to NDR helps organizations of all sizes free up their teams to build and maintain a state of proactive cyber resilience. For example, HARMAN International uses Darktrace to automatically detect and respond to the majority of potential threats, elevating their security analysts to analyze critical threats raised by Darktrace Cyber AI Analyst as requiring immediate attention. Currently, analysts receive 15-20 such alerts daily and can investigate and respond to potential threats much faster using actionable insights from Darktrace / NETWORK.

Darktrace’s Self-Learning AI is the backbone of its NDR solution, uniquely learning the normal ‘pattern of life’ for every network entity and user. Unlike traditional approaches that rely on threat signatures or manual rule-setting, Darktrace uses its knowledge of the organization to identify and contain known and unknown threats in real-time, utilizing that data to not only investigate all relevant alerts with Cyber AI Analyst™, but also provide recommendations for security improvements ensuring organizations stay ahead even as adversaries evolve. The Darktrace ActiveAI Security Platform™ extends beyond the capabilities of traditional NDR solutions and helps organizations transform existing security operations with AI, while maintaining a state of network resilience with AI-led risk prioritization, proactive incident readiness and bespoke recovery playbooks.

Additional Resources

• Customers can read more about the new NDR integrations and features, along with other new updates, by visiting the Darktrace Customer Portal.
• Learn more about how NDR and ZTNA work together to achieve network security outcomes on the Darktrace blog.
• Visit Darktrace at RSA Booth S-2227 or meet with one of our subject matter experts on site.

About Darktrace

Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting organizations from unknown threats using its proprietary AI that learns from the unique patterns of life for each customer in real-time. The Darktrace ActiveAI Security Platform™ delivers a proactive approach to cyber resilience to secure the business across the entire digital estate – from network to cloud to email. It provides pre-emptive visibility into the customer’s security posture, transforms operations with a Cyber AI Analyst™, and detects and autonomously responds to threats in real-time. Breakthrough innovations from our R&D teams in Cambridge, UK, and The Hague, Netherlands have resulted in over 200 patent applications filed. Darktrace’s platform and services are supported by over 2,400 employees around the world who protect nearly 10,000 customers across all major industries globally. To learn more, visit http://www.darktrace.com.

‍

‍

‍

‍

‍