CIO Influence

Darktrace Cyber AI Analyst Now Runs Open Investigations

Open Investigations Piece Together Virtually Distant, Cross-Entity Signs of Compromise Across a Business

Darktrace, a global leader in cyber security AI, announced significant enhancements to its flagship Cyber AI Analyst product as it now intelligently groups incidents to encompass the life cycle of complex compromises as they develop and progress across various entities within a business’s digital estate. Cyber AI Analyst now treats incidents as ‘open investigations,’ continuously adding new supporting data to ongoing cases.


Known for augmenting human analysts by continuously investigating to surface and prioritize the most critical incidents, Cyber AI Analyst’s open investigations piece together cross-entity incidents, so a SaaS account takeover can now be connected back to the same compromised credentials used on a local device. This process is akin to open criminal investigations where a single piece of evidence could connect two seemingly isolated crimes.

With ever-expanding, unique digital estates, it’s mission-critical that Cyber AI Analyst investigations remain bespoke to their environment rather than follow a one-size-fits-all model with pre-programmed investigation tactics. AI Analyst’s on-the-fly technical approach to investigations enables it to find the needle in a thousand haystacks that might be the key evidence to connecting disparate compromises.

Historically, multiple incidents would have remained separate. Now, AI Analyst can automatically merge incidents when it discovers a link connecting them. This shift to open investigations has early adopter customers experiencing up to a 63% reduction in total incidents and up to a 92% reduction in the most critical incidents, further decreasing time-to-meaning and analyst triage time, enabling customers to spend more time focusing on macro-level tasks and initiatives.


In addition to running continuously on directly observed events, Cyber AI Analyst open investigations can be run manually by a human member of the security team or triggered automatically by a third-party event, perhaps an alert ingested directly from another security solution, to validate and further contextualize their detections and decisions. Completed investigations are integrated directly into human and technology ecosystems for consumption natively within the Darktrace UI, in exportable reports, or in third-party tools like SIEMs and ticketing systems.

“Our Cyber AI Research Centre focused on identifying ways to piece together seemingly disparate activity from different sources and entities to closely tie multiple possible indicators of compromise,” said Dr Tim Bazalgette, Research and Development Product Lead, Darktrace. “This cross-entity approach to incident discovery allows for the automated detection of compromises, and the automated determination of their full scope, without human attention. This influential research evolved to directly impact these key updates that make understanding incidents easier for Darktrace customers.”
