Darktrace Antigena Network
Cyber AI Platform
Darktrace Antigena Network
Antigena Network is the world’s leading Autonomous Response technology for the enterprise. Powered by self-learning cyber AI, Antigena Network instantly interrupts attacks across cloud services, IoT and the corporate network with surgical precision, even if the threat is novel or highly targeted.
- Stops an attack spreading in real time
- Surgical response
- No disruption to your business
- Buys you time to catch up
Powered by Darktrace’s world-leading AI, Darktrace Antigena is an award-winning Autonomous Response solution that responds to cyber-threats in real time. Working in conjunction with the Enterprise Immune System, it generates actions that are proportionate to the threat level detected and effectively counters the attack, allowing business operations to continue as usual.
Stops emerging threats in seconds
Neutralizes targeted, self-spreading attacks
Takes surgical action by enforcing ‘normal’
Sustains normal operations during incidents
Buys critical time for strained teams
Helps teams prioritize strategic tasks and mitigate risk
Neutralizes Threats in Seconds
Thousands of new threats are halted each day, including:
- Hacked IoT devices
- Compromised credentials
- Advanced spear phishing attacks
- ICS and SCADA compromises
- Zero-day attacks
- Cloud misconfigurations
Building Trust with the Mobile App
The Darktrace Mobile App allows you to build trust in Antigena at a pace that suits you. Available in two customizable modes, you can tailor Antigena to your risk appetite, and stay informed on the move.
- Human Confirmation Mode – gives users the option to confirm Antigena’s recommended actions to build trust.
- Active Mode – acts autonomously within its defined operating parameters, without the need for the security team to log on.
Autonomous Response: The Machine Fights Back
As cyber-attacks get faster and more advanced, security teams are overwhelmed and outpaced. Autonomous Response technology changes the stakes for defenders by giving you the ability to contain fast-moving threats, even when you are not in the office and cannot respond fast enough.
Darktrace Antigena works like a digital antibody, intelligently generating surgical responses to cyber-attacks across your digital environments. It does this by mathematically calculating the best action to take in the shortest period of time, to effectively stop an attack from spreading.
Whether a ransomware attack hits out of hours or an insider is exfiltrating sensitive data, Darktrace Antigena is able to enforce the normal ‘pattern of life’ of the digital environment, stopping the threats without interrupting the business. With Darktrace Antigena prepared to defend 24/7, security teams gain the precious time they need to catch up.
Darktrace Antigena Modules
With an intuitive and easy-to-use graphical interface, threat visualization and investigations are simplified. The Threat Visualizer provides real-time visibility of your entire environment, it enables your team to focus on the highest-priority threats, while giving you the option to drill down into more detail.
Antigena for Cloud
Provides 24/7 autonomous protection of your crown jewels and sensitive data in the cloud. It stops insider threats, account takeovers, critical misconfigurations and more, wherever they occur, in real time.
Antigena for Email
Neutralizes spear phishing and impersonation attacks in Office 365. By analyzing each email in the context of a bespoke understanding of ‘normal’ across network, email, and cloud, Antigena Email defends the network against malicious emails that evade the email gateway
Antigena for Network
Delivers Autonomous Response AI across the enterprise and Internet of Things. Like a digital antibody, it generates measured and proportionate responses when a significantly threatening incident arises. Within seconds of detecting a threat, Antigena surgically enforces a device’s normal ‘pattern of life’. It can also integrate with your firewalls or network devices if appropriate.
Real-World Use Case: Antigena Fights Back
At a Japanese consultancy, Darktrace discovered that an internet-connected CCTV system, which monitored the entire office space, had been infiltrated by unknown attackers who had begun watching all the cameras’ video recordings.
Darktrace’s AI quickly detected that massive volumes of data were moving between the unencrypted CCTV server, indicative of the attackers preparing to exfiltrate sensitive information. At this point, Antigena took rapid and precise defensive action. The technology’s autonomous decision-making blocked data movement from the device to an external server – while still allowing the CCTV to operate in its intended capacity.
Darktrace Antigena fought back at machine speed, preventing a serious breach of market-sensitive information. By taking proportionate action to isolate and neutralize the attack at an early stage, Antigena created an important time buffer, allowing the security team to further investigate and remediate the threat, avoiding critical damage.
Powering a self-defending business with Autonomous Response AI
By taking swift and targeted action, Antigena contains threats when security teams are overwhelmed, or simply aren’t around.
Trusted by thousands of companies
Over a thousand organizations rely on Antigena Network to deliver 24/7 autonomous protection of their critical data and operations.
The system can be configured to fit your specific business needs — whether that means only enabling Active Mode on the weekends, or just in certain areas of the business.
Antigena can be further adjusted to treat high-risk users and devices with increased sensitivity, depending on your desired use cases and risk appetite.
Intelligent action at machine speed
Time and precision are of the essence in incident response, and a delayed or blunt response action can often lead to devastating business interruption or data loss. Antigena contains fast-moving attacks in seconds, with an intelligent response that enforces the ‘pattern of life’ of the infected device or compromised user. This contains the threat while allowing employees and systems to continue to perform their roles.
Adapting to the unpredictable
Unlike pre-programmed defenses, Antigena Network can recognize and react to attacks it hasn’t encountered before, from machine-speed ransomware to insider threats. This is only possible because the system has learned ‘on the job’ how your organization operates, enabling an autonomous response that understands and adapts to the threat scenario as it unfolds.
AI coverage across your entire workforce
Antigena Network delivers Autonomous Response across your entire workforce, providing bespoke protection for cloud services, IoT, and the corporate network.
Rather than generate broad-brush quarantines that would only cause more disruption, Antigena works by surgically enforcing the normal ‘pattern of life’ of an infected device or compromised user.
With Tactical Response, Antigena Network generates self-directed actions that neutralize attacks in seconds.
Each response is surgical and anchored in the system’s granular understanding of ‘normal’ for every user, device, peer group, and the organization as a whole. This enables Antigena to intelligently judge which events merit Autonomous Response, whilst allowing ‘business as usual’.
With Strategic Response, Antigena Network acts as the ‘AI brain’ of the entire security stack, leveraging high-confidence detections to hand off and integrate with third-party systems as a mechanism for response.
Through active integrations, Antigena Network can seamlessly plug into and enhance your existing security ecosystem, informing firewalls and cloud services about attacks that have gotten through.
Easy control with the Darktrace Mobile App
With the Darktrace Mobile App, you can leverage the power of Autonomous Response on-the-go. Whether you’re out of the office or simply don’t have time to monitor every action, our App makes it easier than ever to gain complete oversight and control.
Download the Darktrace Antigena Network Datasheet (.PDF)