The Enterprise Immune System: Using Machine Learning for Sophisticated Threat Detection
Richard Ayre, Account Manager

The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense


Company Background
• Founded in 2013 in Cambridge, UK
• Started by mathematicians and government intelligence specialists
• Technology based on machine learning & mathematics
• HQs in Cambridge, UK & San Francisco
• Over 1200 customer installations
• 22 global locations
• 600% year-on-year growth

“Darktrace is a game-changer” Virgin Trains

• The Queen’s Awards for Enterprise Innovation 2016
• Bloomberg Business Innovator 2016
• ‘Security Company of the Year’ at Info Security Global Excellence Awards 2016
• ‘Best Insider Threat Detection and Solutions’ at Network Products Guide IT World Awards
• Gartner ‘Cool Vendor’ 2015
• World Economic Forum ‘Technology Pioneer’ 2015


Why is the Enterprise Immune System unique?

• Learns ‘self’: For every individual user, device and network, using unsupervised machine learning
• Detects insider & external threats: That bypass traditional security tools
• Real time: Continually identifies anomalies, as they emerge
• 100% visibility: Visualizes entire network, auto-classifies threats and allows for in-depth investigations
• Play-back: Analyzes and correlates events over time. Ability to replay incidents


Machine Learning & Mathematics
• Advanced Bayesian mathematics pioneered at the University of Cambridge
• Recursive Bayesian Estimation detects subtle changes within data series in real time and adaptively iterates its models
• Numerous approaches used to classify the probability of an action based on previous and emerging behaviours
• No ‘a priori’ assumptions about good or bad – mathematical models are unique to your organisation
• Distribution is built from a complex set of low-level host, network and traffic observations or ‘features’
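To make the recursive Bayesian estimation bullet concrete, here is an added example (not from the slides and not Darktrace's code) that keeps a per-device baseline for a single feature and scores each new observation against the current belief before learning from it. The Normal-Gamma model, the feature (hourly outbound MB), the weak prior, the cutoff of 4.0 and all names are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

@dataclass
class Baseline:
    """Normal-Gamma belief about one feature of one device (weak prior, assumed)."""
    mu: float = 0.0      # estimated mean
    kappa: float = 0.01  # pseudo-count behind the mean
    alpha: float = 1.0   # shape of the precision estimate
    beta: float = 1.0    # rate of the precision estimate

    def surprise(self, x: float) -> float:
        """Standardised distance of x from the centre of the posterior predictive (Student-t)."""
        scale2 = self.beta * (self.kappa + 1) / (self.alpha * self.kappa)
        return (x - self.mu) / math.sqrt(scale2)

    def update(self, x: float) -> None:
        """One recursive Bayesian step: the posterior becomes the next prior."""
        k1 = self.kappa + 1
        self.beta += self.kappa * (x - self.mu) ** 2 / (2 * k1)
        self.mu = (self.kappa * self.mu + x) / k1
        self.kappa = k1
        self.alpha += 0.5

def detect(series, threshold=4.0):
    """Score each observation before learning from it; return (flagged indices, model)."""
    model, flagged = Baseline(), []
    for i, x in enumerate(series):
        if abs(model.surprise(x)) > threshold:
            flagged.append(i)  # held out so one spike does not widen the baseline
        else:
            model.update(x)
    return flagged, model

# Constructed sample: hourly outbound MB for one device, with a single spike.
SAMPLE = [10.2, 9.8, 10.5, 9.9, 10.1, 10.4, 9.7, 10.0, 10.3, 9.9, 48.0, 10.1]

if __name__ == "__main__":
    flagged, model = detect(SAMPLE)
    print("flagged hours:", flagged, "learned mean: %.2f" % model.mu)
```

Holding flagged points out of the update keeps one spike from inflating the learned variance, at the cost that a sustained legitimate shift keeps alerting until an analyst accepts it into the baseline.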


Live demo of the Darktrace Threat Visualizer


Case Study: BT

Industry
• Telecommunications

Challenge
• Large, widely dispersed network
• Fast-evolving sophisticated threats
• Wanted a solution that could parse complex network data and detect previously unknown threats

Benefits
• Real-time, dynamically updated visibility of entire network
• Confidence that previously unknown threats can be detected within network before they do serious damage
• Enhanced their own security offerings with Darktrace’s expertise in unsupervised machine learning and Bayesian mathematics
• Defended against potential insider threat

“Darktrace’s machine learning and mathematics are extremely powerful in detecting activity that is abnormal and will be critical to our future cyber security offerings.” Mark Hughes, President, BT Security


Case Study: Irwin Mitchell LLC

Industry
• Legal

Challenge
• Keeping up to date with rules & signatures
• Protecting against potential threats, including APTs and cyber security
• Safeguard client data and confidentiality
• Integrating multiple devices/vendors
• Multiple portals and alert mechanisms

Benefits
• Total network visibility
• Assistance with root cause analysis
• Mapping applications/services
• Ability to investigate incidents in real time and ‘replay’ them
• Take control of evolving situations

“With Darktrace, we can see threats earlier or as they are happening – this allows us to take control of a situation.” Mark Vivian, Head of IT Security at Irwin Mitchell


Customer Testimonials

“Darktrace is a game-changer - now we have a baseline of how our users, devices and network operate.” Louis Kangurs, IT Network Manager, Virgin Trains

“Darktrace has already identified threats with the potential to disrupt our networks.” Martin Sloan, Head of Safety and Security, Drax

“I intuitively feel that technology working as a self-learning immune system is the right way to do cyber defense.” Svein Ringbakken, Managing Director, DNK

“Darktrace has given us real visibility into all our digital interactions.” Philip Aim, Managing Director, CreaCard

“Darktrace shines a light onto our systems, giving us a visual overview of what’s really happening ‘under the hood’” Conor Claxton, COO, Macrosynergy Partners

“Darktrace’s approach to cyber security is fitted with our strategy of making our cyber defence more proactive.” Alain Daubié, CIO, Sisley

“Darktrace’s machine learning and mathematics are extremely powerful in detecting activity that is abnormal and will be critical to our future cyber security offerings.” Mark Hughes, President, BT Security


Conclusion
• Enterprise Immune System is unique
• Automatically understands network, devices, users
• Powered by machine learning and mathematics
• Learns ‘normal’ and detects emerging insider, unsignatured and external threats
• No rules or signatures
• Installs in 1 hour


Thank you