Darktrace has announced a new set of artificial intelligence (AI) products designed to deliver proactive security to help organisations pre-empt cyber threats.
The PREVENT products are the latest additions to the vendor's AI-driven portfolio, which it claimed works together autonomously to optimise an organisation’s state of security through a continuous feedback loop.
The firm said that the new products are based on breakthroughs developed in the company’s Cambridge Cyber AI Research Centre and the capabilities gained through the acquisition of Cybersprint earlier this year.
PREVENT products use AI to “think like an attacker”
In a press release, Darktrace stated that its two new PREVENT products use AI to “think like an attacker,” finding pathways to an organisation’s most critical assets from “inside and outside,” analysing the most disruptive attacks for an organisation and feeding information to support continuous learning and automation to harden systems.
PREVENT/E2E (End-to-End) uses an outcome-based approach to managing cyber risk incorporating capabilities from across multiple disciplines including attack path modelling, automated penetration testing, breach and attack emulation, security awareness testing and training, and vulnerability prioritisation.
PREVENT/ASM (Attack Surface Management) performs reconnaissance on a specific target to deliver value across use cases including shadow IT, supply chain, mergers and acquisitions, configuration errors, and others.
Darktrace has also introduced new features to its existing DETECT and RESPOND products that it said enable all products to interact with one another as key components of the Cyber AI Loop.
Reactive approach to security quickly becoming inadequate
Commenting on the release, Chris Kissel, research director at International Data Corporation (IDC), says that a purely reactive approach to security is quickly becoming inadequate for organisations, highlighting the need for more proactive, preventative measures for countering cyber threats.
“Early data from research into how organisations are mitigating cyber risk and threats shows a shift towards proactive, ‘always-on’ technologies continually running tests on existing systems," Kissel said.
"Yet a continuous approach is fundamentally impossible to achieve without automation and AI, and Darktrace’s combination of AI technology that learns self and its new PREVENT product family will bring real value to thinly stretched security teams.”
Speaking during a live press briefing on Monday, July 18, Darktrace CTO Jack Stockdale said the PREVENT products have been designed to help businesses move away from waiting for and reacting to threats by autonomously using the time when they are not in a breach situation and or under attack to self-learn from data to establish how an attacker could uniquely target them and the key assets in their environment, augmenting detect and response capabilities with the enriched data.
Shadow IT a cyber threat PREVENT can mitigate
CSO asked Darktrace leaders to provide an example of a common cyber threat/risk that the new PREVENT products can mitigate and how AI technology plays into that process, with Max Heinemeyer, vice president of cyber innovation, cited shadow IT -- “finding risks that you’re not aware of” – as one instance.
“For example, any data leaks that could exist or any unmanaged things on the internet that you don’t even know belong to you, or things that are in the cloud but you’re not aware of that are pivotal for your cyber defence, and then informing detect and respond to wrap a safety blanket around them.”