Darktrace, a Cyber AI business, was founded in 2013 aiming to find use cases where machine learning and AI are well suited to address some of today’s cybersecurity challenges. Since the company’s creation, it has grown substantially and currently operates in over 100 countries serving over 8,800 customers.
Whereas cybersecurity tools and products typically look at understanding and learning from attacks from the past to try to prevent them from happening again in the future, Darktrace takes a different approach. “By leveraging AI and machine learning, Darktrace learns how businesses normally operate on a granular level which does not necessarily look at historical attack or breach data,” explains Nabil Zoldjalali, VP, Technology Innovation at Darktrace.
By learning all the intricacies of the interactions and transactions between different assets and services in organizations, Darktrace can not only find anomalies and deviations from normal but it also enables customers to enforce normal and stop threats in their tracks.
Today’s distributed environments can be challenging to secure since the data is spread out in different places and managing human error as a result of this can be complex. However, the cloud also brings numerous benefits such as availability, scalability, optimizing operations, and helping with distribution. Having a cybersecurity program that can deal with that level of dynamic change and transformation is therefore crucial. Although cloud security providers do invest heavily in resources and have the best security capabilities, the onus still lies with the end user to ensure they have security strategies in place.
Organizations have to weigh up their approaches to security and how many resources they spend on them. Pre-implementation cloud security is concentrated around being able to secure and capture risks that may or may not manifest before anything goes live into production and posture management is frequently used for this purpose. However, as it typically is based on snapshots or APIs, it can lack the depth needed to get a real-time view of what is happening. On the other hand, post-implementation security usually utilizes agents or sensors that are deployed on compute workloads to monitor things in real-time as they unfold. While this approach has benefits, it is limited in scope to what you can deploy agents on but it does offer a more granular view.
Darktrace Cloud’s new release aims to provide customers with the best of both worlds, making it easy to deploy and giving you the breadth of view that pre-implementation security gives while offering the real-time visibility of post-implementation cloud security. Darktrace Cloud also enables you to look at the misconfigurations and human error and get them contextualized within the framework of the architecture of your application so that customers can reprioritize and de-risk misconfigurations. It also provides a single source of truth that both developers and security professionals can see to enable them to foster better collaboration together.
This summary was written by Emily Nicholls.
Guest: Nabil Zoldjalali (LinkedIn)
Company: Darktrace (Twitter)
Show: Let’s Talk





