Embrace the cloud, manage the risks.
Initial Intrusion
Darktrace has revealed well-known exploits such as Log4J, Hafnium, Kaseya, as well as thousands of lesser-known exploits on a regular basis.
Establish Foothold and Beaconing
When an attacker attempts to make contact with and remotely control a device, Darktrace pieces together subtle anomalies.
Darktrace RESPOND/Cloud neutralizes this activity blocking specific connections or enforcing the ‘pattern of life’
Lateral Movement
As an attacker begins to increase their knowledge of the network, perform scans, and escalate their privileges - for instance by obtaining admin credentials, DETECT / Cloud correlates thousands of data points.
Darktrace RESPOND/Cloud neutralizes this activity blocking specific connections or enforcing the ‘pattern of life’
Data Exfiltration
Whether smash and grab or a low and slow, DETECT / Cloud identifies subtle deviations in activity.
Darktrace RESPOND/Cloud neutralizes this activity blocking specific connections or enforcing the ‘pattern of life’
Data Encryption
Even if familiar tools and methods are used to conduct encryption - whether symmetric or asymmetric - Darktrace detects the activity without using static rules or signatures. It identifies unusual behavior that may include:
Darktrace RESPOND/Cloud neutralizes this activity blocking specific connections or enforcing the ‘pattern of life’
Insider Threat
Whether a malicious leaver or a careless employee disregarding company policy, Darktrace’s understanding of normal patterns of life allows it to stop threats on the inside.
Supply Chain Attack (Third Party Software Vulnerability)
Darktrace stops threats arising from the supply chain by taking immediate action at the first sign of unusual and threatening activity.
Crypto-Mining
Malicious crypto-mining is notoriously difficult to detect, and can exploit cloud platforms at great cost to the organizations deploying them.
Darktrace shines a light on open ports and internet-facing devices you didn’t know about, and detects the first stages of an attack before crypto-mining can even begin. It also alerts to crypto-mining activity itself, and can be configured to stop the activity autonomously.
Credential Harvesting
Credential stuffing is a type of brute-force attack that relies on automated tools to test large volumes of stolen usernames and passwords across multiple sites until one works.
In the cloud space, Darktrace can detect credential stuffing through a number of unusual behaviors - and respond to the account following it.
Mergers & Acquisitions
Darktrace/Cloud makes it simple to incorporate new cloud environments into your company infrastructure without opening vulnerabilities.