Enterprise Immune System: What’s New in Version 3


Upload: hatuyen

Post on 22-Feb-2018


Page 1: Enterprise Immune System: What’s New in Version 3 · PDF fileKey updates improvements ... Enterprise Immune System Version 3 The Enterprise Immune System Version 3 is a self-learning

Darktrace’s Enterprise Immune System is a fundamental technology platform for cyber defense, which uses machine learning and AI algorithms to detect and respond to cyber-threats in real time, across the entire digital business infrastructure.

The Enterprise Immune System works by building an understanding of the normal ‘pattern of life’ for every device, user, and network within an organization. This self-learning technology is capable of identifying threatening activities that have never been seen before and generating ‘digital antibodies’ that autonomously respond to the threat.

This major upgrade of Darktrace’s flagship cyber defense platform, Version 3 (v3), focuses on ease-of-use for newer security analysts while pushing the upper limits of AI for expert analysts. CISOs will benefit from new reporting, while the security community as a whole will benefit from sharing previously unknown threat finds through STIX and TAXII. A new Darktrace Mobile App and enhancements to Antigena for firewalls and cloud make responding to attacks anytime, anywhere faster and more precise.

Key updates & improvements:

• Intuitive navigation and SOC display
• Ask the expert
• New Darktrace Mobile App
• Automated CISO reporting
• Greater coverage for Darktrace Antigena: cloud and firewall
• Enhanced math and machine learning

Enterprise Immune System Version 3

The Enterprise Immune System Version 3 is a self-learning technology platform that protects your entire digital infrastructure, providing 100% visibility into every aspect of your organization including physical networks, cloud, virtualized environments, IoT, and industrial control systems.

[Figure: Enterprise Immune System, powered by machine learning and AI algorithms. Technology platform: self-configuring, self-learning, self-adapting. Capabilities: 100% visibility (cloud, virtual & on-prem); detection (threat detection inside the network); investigation (high-level & forensic 3D view); response (autonomous, targeted response). Products: Darktrace Antigena, Threat Visualizer, Darktrace Core, Connectors & Sensors.]


Dynamic Threat Dashboard

The dashboard provides a dynamic, real-time view of high-priority threats and suspicious activities inside the network. This enables analysts of all levels to acquire a quick understanding of the organization’s current threat level and helps users with less technical or security skills to triage alerts and perform investigations.

• Easy-to-understand, high-level summary of top threats and suspicious events
• One-click access and fast triaging of alerts
• Real-time and dynamically updating
• Intuitive navigation
• Fully integrated with the Threat Visualizer for in-depth analysis

Darktrace Mobile App

Available for iOS, the Darktrace Mobile App allows users to easily access Darktrace when they are on the move. Designed to offer maximum flexibility and to increase the speed of mitigation, the app offers push notifications of in-progress threats and one-click confirmation of Antigena’s autonomous response actions.

• Intuitive Mobile App for enhanced user experience
• Reduces response time for remote workers
• One-click action

New in v3

“With the odds stacked in favor of cyber-attackers, the power of automation must be harnessed if the defenders are to withstand the onslaught and reduce the number, size, and frequency of data breaches.”

Rik Turner & Mike Sapien

[Figure: Darktrace Mobile App screenshots ("Darktrace Remote") with Models, Devices and Activity tabs. The Models view lists entries such as "Rare connection from server", "Unusual credential use" and "Unusual connectivity", each with a timestamp and a percentage. The Devices view lists entries such as "Network", "192.168.1.24", "London Office Printer", "Ben’s iPhone" and "Mac Book Pro". A device view for "London Office Printer" shows a Block action.]


Antigena Expands Coverage

The Enterprise Immune System’s autonomous response capability is now more powerful, thanks to multiple improvements to the Antigena framework including better containment of fast-spreading attacks (such as ransomware), more flexible deployment options, greater control and precision, and support for a wider variety of network environments.

• Reach expanded to the cloud - can take action, e.g. when an employee attempts to steal data.
• Integration with existing access control and blocking technologies in the network, such as firewalls, to implement responses
• More control over the scope of Antigena actions, e.g. restricting responses to specific user groups or devices
• Integration with Darktrace Mobile App for one-click action

Ask the Expert

When Darktrace identifies previously unknown threats, you can instantly send them to the Darktrace expert analysts to investigate and get a rapid response.

• Available within the Threat Visualizer
• Expert advice when you need it

Executive Threat Report

The Executive Threat Report automatically generates a summary of high-priority threats and activities, and the autonomous responses generated, providing executives with real-time results and trends.

Autonomous Response

Antigena enforces the device’s ‘pattern of life’. All connections outside of its normal behavior are terminated. Normal activity from the machine remains unaffected.


Darktrace © Copyright 2017 Darktrace Limited. All rights reserved. Darktrace is a registered trademark of Darktrace Limited. Enterprise Immune System, and Threat Visualizer are unregistered trademarks of Darktrace Limited. Other trademarks included herein are the property of their respective owners.

About Darktrace

Darktrace is the world’s leading machine learning company for cyber security. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.

Contact Us

North America: +1 (415) 229 9100

Europe: +44 (0) 1223 394 100

Asia-Pacific: +65 6804 5010

darktrace.com

@darktrace

Enhanced Math and Machine Learning

Darktrace’s leadership in math and machine learning continues to underpin its technology, allowing it to detect even the most subtle threats. Using a combination of unsupervised and supervised machine learning, Darktrace’s team of AI specialists has added new mathematical techniques, including novel deep learning, for detecting novel attacks including:

• Additional techniques for low and slow attacks
• Rapid decision making for machine-speed attacks
• DNS tunneling attack detection
• Correlating related threats to disparate infrastructure

Share Threat Finds

If you want to share a threat discovery across your organization or with other external working groups and industry peers, Darktrace has added support for STIX and TAXII, helping to prevent repeated attacks.

"Darktrace is the clear leader in anomaly detection...well ahead of peers."