Darktrace / IDENTITY use cases

Understanding your users

Darktrace / IDENTITY is built around understanding your users’ normal behaviors. See how specific threats can lead to breaches.

Account Hijack

Whether through credential harvesting, password spraying, or a data dump on the Dark Web, attackers can compromise cloud accounts through various means. Once they do, they have access to all of the account owner's data and communications.

Darktrace/Apps reveals account takeovers from multiple unusual signals at the login stage or immediately after.

DARKTRACE - Better Together

Even better when deployed with:
Sample analysis of Darktrace / IDENTITY
Every threat is different, but here are some unusual patterns Darktrace / IDENTITY might assess when revealing this type of attack:
Unusual SaaS Administrative Login
Unusual S3 Resource Modification
Multiple Failed Login Attempts
Unusual Time or Location for Login
Unusual Login Source for Key User

Insider Threat

While most cloud application security tools assume trust when a known user logs in, Darktrace shines a light on threatening or pernicious activity undertaken by careless or malicious insiders.

Sample analysis of Darktrace / IDENTITY
Insider threat comes in many forms, but here are some examples of activity Darktrace / IDENTITY might detect:
Unusual S3 Resource Creation
Unusual SaaS Sensitive File Access
Large Volume of SaaS Downloads
Unusual S3 Resource Modification
Unusual S3 File Download

Data Loss

Darktrace stops threats arising from the supply chain by taking immediate action at the first sign of unusual and threatening activity.

DARKTRACE - Better Together

Even better when deployed with:
Sample analysis of Darktrace / IDENTITY
Every threat is different, but here are some unusual patterns Darktrace / IDENTITY might assess when revealing this type of attack:
Unusual SaaS Sensitive File Access
Your data. Our AI.
Elevate your cybersecurity with Darktrace AI