Press Release

April 14, 2023 11:42 AM

Updated statement regarding LockBit claims

Mike Beck, Chief Information Security Officer, Darktrace

We have completed a thorough security investigation following yesterday’s tweets by LockBit claiming they had compromised Darktrace’s internal systems. We can confirm that there has been no compromise of our systems or any of our affiliate systems. Our service to our customers remains uninterrupted and is operating as normal and no further action is required.

Press Release

April 13, 2023 9:30 AM

Statement regarding LockBit claims

Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise. None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected.


Press Release

Darktrace Unveils New Cloud-Native Security Solution Using AI to Provide Real-Time Cyber Resilience for Cloud Environments

Cambridge, UK
October 26, 2023
  • New Darktrace/Cloud™ solution now available via the AWS Marketplace; provides a real-time, architecture-based view of cloud environments so businesses can easily and quickly act against evolving threats and misconfigurations, and strengthen compliance.

Darktrace, a global leader in cyber security AI, today unveiled a new Darktrace/Cloud™ solution based on its unique Self-Learning AI. The new solution provides comprehensive visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized recommendations and actions to help security teams manage misconfigurations and strengthen compliance. When combined with insight from Darktrace solutions for network, email, apps, zero trust and endpoint, Darktrace/Cloud provides a deeper, contextualized understanding of the risks and threats currently facing an organization’s digital estate.  

According to a recent report, “Gartner® anticipates over 99 percent of cloud breaches will be based on a customer error, account takeover or misconfiguration until 2027”[1]. Cloud environments are constantly evolving so security professionals need to increase the level of visibility while keeping up with changing compliance, risk and security requirements. The rise of cloud-native technologies including containers, Kubernetes and microservices also require new tools and techniques for detecting and responding to known and novel threats.

 

Unlike static cloud security tools that provide snapshots of a specific point in time, Darktrace/Cloud is real-time, all the time. Our Self-Learning AI continuously learns patterns between workloads, assets, policy configurations and identities to provide a dynamic view of cloud architectures. We analyze the entire cloud stack from data to control plane, combining an understanding of architecture and network with a new flexible, scalable deployment model,” said Jack Stockdale, Chief Technology Officer, Darktrace. “Our innovative approach to cloud security is built on more than a decade of leadership in Cyber AI that is already protecting our customers’ critical business areas from network and email to operational technology.”

Available today, the new capabilities in Darktrace/Cloud include:

  • Comprehensive visibility and architecture modeling for insights into the constantly changing nature of cloud environments . This visibility is constructed dynamically from configuration, network, users and identity and access management (IAM) data. Darktrace establishes patterns of life for cloud resources, identities, and services to understand who has access to what and how. This is critical for detecting anomalies and unknown threats.
  • Universal attack path modeling provides a dynamic view of where attackers may look to move next . Darktrace brings together real-time cloud data and a deep understanding of your cloud environment with a platform approach that provides insights about risks from other covered areas of the business (e.g., network, email) to highlight potential attack paths and prioritize important assets to secure.
  • Unique real-time and cloud-native threat detection and response that provides a dynamic view of known and novel threats within the cloud. Darktrace combines deep cloud attack path knowledge with real-time anomaly and threat detection through cloud-native autonomous response actions, such as detaching a policy from a user or removing a workload from a security group.    
  • Prioritized cloud posture management that starts by examining cloud configurations against common compliance frameworks. Where misconfigurations are detected, Darktrace provides a prioritized view of what to fix first, based on a risk profile generated from security and business context. Guided steps can be provided to help teams proactively address these before they become a significant issue.
  • Cost discovery to provide a better understanding of cloud resource allocation. This helps teams contextualize their cloud resources according to security and business priorities.
  • Communication and collaboration capabilities to streamline workflows between security teams and DevOps teams. Tickets can be created on demand, teams can communicate directly via messaging platforms, and alerts and anomaly detections can be sent to Security Information & Event Management (SIEM) or Security Orchestration, Automation and Response (SOAR) products and the Darktrace Mobile app so they can be alerted on the go.
  • Flexible deployment options include an agentless deployment by default so organizations can be up and running in minutes. Teams can use the dynamic architectural view and risk context to decide where to deploy agents for enhanced real-time actions and deeper inspection.

Sykes Cottages, a cloud-native travel agency platform in the UK, has experienced significant growth in the last five years and has relied on the cloud to help them scale throughout this period.

When it comes to cybersecurity, having visibility and an understanding of what you’ve got and your risks is critical. If I don’t know it’s there, I can’t protect it,” said Jonny Mattey, Head of Cybersecurity, Sykes Cottages. “Having a holistic, live view of our cloud environment enables us to work pragmatically and use AI to cut down management time so that we can address security risks and improve our resilience.”

The new Darktrace/Cloud solution is now available on Amazon Web Services (AWS) through the AWS Marketplace, a curated digital catalog that makes it easy for customers to find, buy, deploy, and manage the third-party software they need to build solutions and run their business. Darktrace and AWS have been collaborating since 2017 to help organizations secure their AWS environments. Darktrace protects AWS environments for organizations around the world including Sunwest Bank and ProPhase Labs. Darktrace is an AWS Security Competency Partner and is part of the AWS ISV Accelerate program.

Security is job zero at AWS,” said Paddy Fitzpatrick, Director – Independent Software Vendors, UK & Ireland at Amazon Web Services. “As the threat landscape continues to evolve, the availability of AI-based tools like Darktrace/Cloud on the AWS Marketplace will help customers to gain increased visibility, and respond more effectively to security risks and threats.”

Darktrace first extended its Cyber AI capabilities to cloud environments in 2016, applying its world class algorithms to granular network traffic. Darktrace/Cloud was recently named Cloud Security Product of the Year for Large Enterprises by Computing Magazine in its 2023 Cloud Excellence Awards.

Learn more about the new enhancements to Darktrace/Cloud by tuning into the launch event at 11:30am ET/4:30pm BST.

Citations

[1] Gartner, Quick Answer: Can My Cloud Service Provider Defend Against Cyberthreats?, Charlie Winckless, 28 September 2023. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

ABOUT DARKTRACE

Darktrace (DARK.L), a global leader in cyber security artificial intelligence, is on a mission to free the world of cyber disruption. Breakthrough innovations in our Cyber AI Research Centre in Cambridge, UK have resulted in over 160 patents filed and research published to contribute to the cyber security community. Rather than study attacks, Darktrace's technology continuously learns and updates its knowledge of your business data and applies that understanding to optimise your state of optimal cyber security. Darktrace's cyber AI technology provides a full lifecycle approach to cyber resilience across the entire organisation that can autonomously spot and respond to novel in progress threats within seconds. Darktrace employs over 2,200 people around the world and protects approximately 8,900 customers globally from advanced cyber threats. Darktrace was named one of TIME magazine's 'Most Influential Companies' in 2021. To learn more, visit http://www.darktrace.com.

News coverage
News publication logo

Darktrace Unveils New Cloud-Native Security Solution Using AI to Provide Real-Time Cyber Resilience for Cloud Environments

October 26, 2023

cv
Darktrace named a Challenger in first Gartner® Magic Quadrant™ for Email Security Platforms ·      Evaluated on Completeness of Vision and Ability to Execute Darktrace, a global leader in AI for cybersecurity,today announces that Darktrace / EMAIL™, has been recognized in thefirst ever Gartner Magic Quadrant™ for Email Security Platforms (ESP) as a Challenger. Chris Kozup, Chief Marketing Officer, Darktrace, said of therecognition: “We are extremely proud to have been recognized in the first MagicQuadrant for ESP.  We believe the factthat wehave seen such wide scale adoption is testament to the unique way in which wedevelop products to keep our customers safe from even the most sophisticated emailcompromises. We believe our placement reaffirms our dedication to deliveringexceptional customer service, and innovations that safeguard against the emailchallenges of today—and tomorrow.” Darktrace customers consistently acknowledge its exceptional customersupport, delivered by an award-winning[1]service team. Darktrace has the highest percentage of 5-star ratings with a 4.8rating on Gartner® Peer Insights™ out of 249 reviews as on[MW1]  19th December. We feel this unwavering commitment to customersatisfaction is evident in strong renewal rates and accelerated growth inDarktrace / EMAIL over the past few years, gaining almost 5,000 customers sinceits launch in 2019. Darktrace / EMAIL, one of the fastest-growing emailsecurity products on the market, is built on Darktrace’s unique Self-LearningAI, a multi-layered AI engine that leverages different types of AI includingNLP and behavioral analysis to detect threats, instead of traditional securitymeasures such as signatures and sandboxing. This approach enables Darktrace todetect and stop threats like business email compromise attacks and noveltechniques, including some 56% of which passed through customers’ other emailsecurity layers. This pioneering approach has enabled Darktrace to introduce industry-leadingcapabilities such as QR code analysis and automated incident investigations, alongsidedifferentiated functionality to help teams add new depth to their emailsecurity, including: Account     take over and Lateral mail account compromise protection.     Contributing yet another layer to the AI behavioural profile for each     user, security teams can now spot early symptoms of account compromise or     malicious insiders before a link or attachment payload is sent, and     exfiltration occur   Microsoft Teams security with advanced messaging analysis: Advancing beyond simple text analysis to     behavioral and natural language content analysis that tracks context     across both email and instant messaging to identify the approximately 38% of     phishing, sophisticated social engineering and novel insider threats other     solutions fail to capture ·      Drastically improveend user reporting with Cyber AI Analyst narratives: Real-time awareness training capabilities reduce falsepositives in phishing investigations by up to 60% by providing context specificanalysis of each received email to each employee as they interact with their mail.·       MailboxSecurity Assistant to increase security team operational efficiency: All forms ofsecondary investigations can now automatically perform advanced behavioralbrowser analysis and stop malicious links within webpages, reducing manualeffort of security analysts to detecting phishing links, and allowing them to remediateup to 70% more malicious phishing links than before.·       AI based,autonomous data loss prevention: to immediately protect organizations from misdirected emails,insider threats, and data loss—both classified and unclassified – using userbehavior and dynamic content analysis to determine sensitivity, removing administrativeoverhead from manual expressions and labeling.Marco Cavallo, IT Manager at Darktrace / EMAIL customer Arpa Industries comments:“During the POV, Darktrace / EMAIL showed how specific attacks weresurgically blocked. We realized that other tools wouldn’t have detected thesethreats.” Darktrace / EMAIL is part of Darktrace’s ActiveAI Security Platform™,offering network, cloud, endpoint, identity and operational technologyprotection from a single shared architecture, all built on Darktrace’s uniqueAI engine – providing a strong, integrated approach to threat prevention,detection and response across an organization’s entire digital footprint. Darktrace’s global presence supports a diverse and varied customer base,and adapts proactively to customer pain points of all kinds. Darktrace’sadaptability across all market segments, from SMBs to large enterprisessupports both first time email security buyers and mature email securitystacks. It is able to meet varied security needs with lower setuprequirements, includes capability for advanced depth in configuration and,particularly for mature organizations, can augment existing security providerswith additional protections.   Download the fullMagic Quadrant for Email Security Platforms here Resources:·      Read more onthe Darktrace Blog·      Read more abouthow business email compromise attacks are evolving on The Inference  Gartner disclaimersGartner, Magic Quadrant for EmailSecurity Platforms, Max Taggett, Nikul Patel, Franz Hinner, Deepak Mishra, 16December 2024 GARTNER is a registered trademarkand service mark of Gartner and Magic Quadrant and Peer Insights are aregistered trademark, of Gartner, Inc. and/or its affiliates in the U.S. andinternationally and are used herein with permission. All rights reserved.
Gartner Peer Insights content consists of the opinions of individual endusers based on their own experiences with the vendors listed on the platform,should not be construed as statements of fact, nor do they represent the viewsof Gartner or its affiliates. Gartner does not endorse any vendor, product orservice depicted in this content nor makes any warranties, expressed orimplied, with respect to this content, about its accuracy or completeness,including any warranties of merchantability or fitness for a particularpurpose. Gartner does not endorse any vendor,product or service depicted in its research publications and does not advisetechnology users to select only those vendors with the highest ratings or otherdesignation. Gartner research publications consist of the opinions of Gartner’sresearch organization and should not be construed as statements of fact.Gartner disclaims all warranties, expressed or implied, with respect to thisresearch, including any warranties of merchantability or fitness for aparticular purpose.  About DarktraceDarktrace is a global leader in AI for cybersecurity that keepsorganizations ahead of the changing threat landscape every day. Founded in2013, Darktrace provides the essential cybersecurity platform protectingorganizations from unknown threats using its proprietary AI that learns fromthe unique patterns of life for each customer in real-time. The DarktraceActiveAI Security Platform™ delivers a proactive approach to cyber resiliencewith pre-emptive visibility into security posture, real-time threat detection,and autonomous response – securing the business across cloud, email,identities, operational technology, endpoints, and network. Breakthroughinnovations from our R&D teams in Cambridge, UK, and The Hague, Netherlandshave resulted in over 200 patent applications filed. Darktrace’s platform andservices are supported by over 2,400 employees around the world who protectnearly 10,000 customers across all major industries globally. To learn more,visit http://www.darktrace.com.   ---- 
[1] Darktrace wins two Globeeawards for excellent customer service [PressRelease] [MW1]shouldthis be 'of'