Date post: 16-Apr-2017
Category: Technology
Upload: executive-leaders-network
The Enterprise Immune System: Using Machine Learning to Detect ‘Unknown Unknown’ Threats
Chris Martin, Senior Business Manager
Company Background
• Founded in 2013 in Cambridge, UK
• Started by mathematicians and government intelligence specialists
• Technology based on machine learning & mathematics
• HQs in Cambridge, UK & San Francisco
• Over 750 deployments worldwide
• 18 global locations
• Winner of ‘Security Company of the Year’ at Info Security Global Excellence Awards 2015
• Winner of ‘Best Insider Threat Detection and Solutions’ at Network Products Guide IT World Awards
• Gartner ‘Cool Vendor’ 2015
• World Economic Forum ‘Technology Pioneer’ 2015
“Darktrace is a game-changer” Virgin Trains
Enterprise Immune System
• Unsupervised machine learning: Develops mathematical models of normal behavior
• Inside-out view: Complete analysis and visibility of 100% network traffic
• Correlation & behavioral analysis: For every individual user, device and network
• Real time & long-running: Analyzes events over long periods of time, with playback capability
• Visualization and investigation: Auto-classification of threats, supporting workflow and collaboration
Machine Learning & Mathematics
• Advanced Bayesian mathematics pioneered at Cambridge University
• Recursive Bayesian Estimation detects subtle changes within data series in real time and adaptively iterates its models
• Numerous approaches used to classify the probability of an action based on previous and emerging behaviors
• No ‘a priori’ assumptions about good or bad – mathematical models are unique to your organization
• Distribution is built from a complex set of low-level host, network and traffic observations or ‘features’
Darktrace in your Security Stack
Case Study: BT
Industry
• Telecommunications
Challenge
• Huge dataset with confidential customer information
• Distributed, global workforce
• Protect against constantly evolving and insider threats
Benefits
• Able to stay ahead of ever-changing threats
• Threat Visualizer provides 100% network visibility
• Increased efficiency due to threat classification
• Able to carry out in-depth investigations into real-time incidents
“Darktrace’s machine learning and mathematics are extremely powerful in detecting activity that is abnormal and will be critical to our future cyber security offerings.” Mark Hughes, President, BT Security
Darktrace Antigena
Works like digital antibodies - produced by the immune system to inoculate against threats
Gets to the threat faster, as it unfolds
Allows networks to self-defend
Automatically takes thoughtful, measured actions, in response to the threat detected by Darktrace
Applicable to all Darktrace customers
To date, Darktrace has detected threats and given customers the ability to investigate and mitigate those risks. Today, we are living through a new era of threats, including fast, machine-on-machine attacks. The reality is that a security team, no matter how big, is never going to be fast enough every time.
Conclusion
• The threat is inside
• Rules & signatures are not enough
• Enterprise Immune System is unique
– Powered by machine learning and mathematics
– Understands ‘normal’ and detects emerging insider and external threats
– No rules or signatures
– Installs in 1 hour
• Antigena
– Automatically self-defends against a full range of potential threats
Q&A