Darktrace extends autonomous response to enforce normal behavior on endpoints

Darktrace extends autonomous response to enforce normal behavior on endpoints-01

Darktrace, a global leader in cybersecurity AI, today announced that its autonomous response technology now acts at the endpoint, completing the Darktrace Antigena family of products, which already includes coverage for SaaS applications, cloud, email, network and operational technology (OT).

Endpoints have moved away from traditional infrastructure and started hosting even more sensitive data. As a result, CISOs and security professionals have been forced to grapple with the complexities of protecting their organizations and fast-paced workers in the wake of flexible work arrangements and the dawn of the “Great Resignation.”

A novel approach to this challenge could be to augment security teams with AI that learns on the job how this flexible and dynamic workforce is working. Irregularity of endpoint activity can be continually reassessed, and subtle, inconspicuous actions can be continually reassessed and taken to enable productive work and stop only threatening activity.

Also Read: Strategies to Automate Security Processes

Antigena Endpoint does just that. It detects anomalous activity and intelligently makes micro-decisions based on unusual activity, such as unusual initial file downloads and data exfiltration attempts, command-and-control traffic, or lateral movement that could pose a cyber threat. It uses various techniques to disrupt attacks on Mac, Windows, and Linux devices, including data leaks, ransomware, and insider threats.

Contextual knowledge gained from other parts of the digital estate is also beneficial in stopping attacks on endpoints. For example, in the case of Antigena Email and Antigena Endpoint deployed together, response accuracy is enhanced by a more nuanced understanding of new and expected senders across all email and endpoint activity. A new sender asking an employee to perform a bank transaction for themselves may warrant action. But, with the added information that the website has no prior relevance to the organization, more context would strengthen the case and alter the system’s response.

“Antigena Endpoint is the evolution of the Darktrace platform that I’ve most anticipated and been excited about. It truly is a game changer and gets right to the heart of what our customers need right now,” said Mike Beck , Global Head of Security of Darktrace Information. “The assurance that Darktrace can not only detect the earliest signs of attacks, but can now act on all employee endpoints, is more important than ever.”

For more such updates follow us on Google News ITsecuritywire News