Darktrace Immune System: Self-Learning Detection & Response
In the past, when threat actors were less advanced and when digital activity was more predictable, a traditional approach to security was often adequate to keep cyber-threats at bay. By configuring security tools with static rules and historical attack data, organizations have sought to detect threats by defining ‘benign’ or ‘malicious’ in advance – relying on representations of attacks that have either been conceived of in the form of a rule, or that have been observed ‘in the wild’ and reverse-engineered for future detection.
While traditional defenses continue to define the threat in advance, Darktrace focuses instead on learning the normal ‘pattern of life’ for individual businesses, and spotting subtle deviations indicative of a threat. By learning a sense of ‘self’ for your entire organization, Darktrace’s immune system discovers subtle, previously unseen patterns and emerging threats that would otherwise go unnoticed.