While conventional AI techniques rely on pre-labelled data sets and prior knowledge, Self-Learning AI learns ‘on the job’ from real-world data and constantly adapts. Today, this fundamental technology powers the entire range of Darktrace security solutions used across 6,500 organizations worldwide.
Darktrace’s product suite is powered by AI that learns every detail of your unique environment, building an evolving understanding of “self” to spot subtle deviations indicative of a vulnerability or threat. For every interaction across your digital ecosystem, Darktrace asks – Is this normal? – based on raw data points and AI-enhanced data features. Understanding you is the key to illuminating and interrupting the full range of cyber threats, from novel attacks to insider threats.
Self-Learning AI sits behind every component of the Cyber AI Loop™, empowering bespoke, comprehensive, always-on, and continuously evolving security solutions based on mathematical models unique to each individual organization, regardless of size or complexity. No two organizations are the same, and their security solutions shouldn’t be either.
In contrast to other AI approaches, which require data to be cleaned, labelled and moved to a centralized repository, Darktrace brings the AI to your data, wherever it lives.
Whether it is in the cloud and on email systems, across Operational Technologies or traditional networks and infrastructure, Self-Learning AI can be applied to any of these systems, without requiring data migration. It learns from scratch, and constantly evolves its understanding as the data environment changes.
Self-Learning AI thrives in complexity – the more users, devices and environments that the AI can analyze, the deeper its understanding becomes. It is constantly learning from new activity and data and builds greater cyber resilience over time.
In cyber security, it’s impossible to second-guess tomorrow’s attackers. Self-Learning AI identifies patterns that no one thought to look for, enabling it to uncover novel attacker behaviours that would otherwise go unnoticed.
Self-Learning AI is highly accurate in distinguishing between genuinely threatening behaviours, and unusual but benign activity. In fact, it’s so precise that it is capable of reacting to a cyber threat without human intervention while avoiding any disruption to the business.
Fast-moving cyber-attacks like ransomware can strike at any time, and security teams are often unable to react quickly enough. Autonomous Response uses Darktrace’s understanding of ‘self’ to take targeted action to stop in-progress attacks, without disrupting your business.
Powered by Self-Learning AI, Autonomous Response knows exactly the right action to take, at the right time, to contain an in-progress attack. The actions are precisely calibrated to ensure that the intervention is minimal, avoiding any disruption.
Regardless of time or day, or where the attack comes in — through the cloud, SaaS, email, or the corporate network — the AI takes precise action to neutralize threats on behalf of security teams.
Autonomous Response gives security teams peace of mind. The AI intervenes in escalating cyber incidents in seconds and allows your people to focus on higher-value tasks.
When a cyber threat emerges, Autonomous Response enforces the ‘pattern of life’ of the infected device or entity. Because Self-Learning AI continually enhances its understanding of your digital infrastructure, it constantly improves the precision of its response over time.
Human security teams often lack the resources to conduct full investigations into incidents, leading to important facets of attacks being overlooked. Intelligence Augmentation dramatically extends the reach and efficiency of in-demand and time-pressed cyber experts.
Over a period of three years, Darktrace developed AI that observed how expert security analysts interacted with the output of our Self-Learning AI and came to conclusions about threat scenarios and incidents.
The AI analyzed the way that analysts formulate hypotheses, ask questions, and follow leads to reveal the full scope of a security incident.
Because of this project, Darktrace produced the first-ever ‘AI Analyst’ that mimics human intuition by intelligently stitching together multiple, disparate information sources, in order to prioritize workloads, and perform fully-fledged, expert-grade threat investigations in real-time.
While Self-Learning AI makes sense of raw data from across the digital enterprise and establishes patterns of behaviour in order to pinpoint threats, Intelligence Augmentation applies the second layer of AI on top of this, using supervised machine learning to assess the output of these findings.
The result is AI-detected security events feeding into overarching incident summaries that highlight the full scope, origin and extent of the compromise.