Machine learning cybersecurity firm Darktrace PLC today announced a number of new innovations across its ActiveAI Security Platform to protect organizations from increasingly complex, multivector and novel attacks.
Central to the update is the introduction of NEXT — a Network Endpoint eXtended Telemetry agent that natively combines full network packet data with endpoint process data using self-learning artificial intelligence. The offering unifies insights from network to endpoint to natively provide security teams with the ability to trace network threats directly to their endpoint root cause.
NEXT allows analysts to undertake investigations in seconds that once took hours and multiple pivots between network detection and response, endpoint detection and response and extended detection and response tools. Instead of seeing only an unusual network connection, Darktrace immediately shows which process on which device initiated the connection. It unearths threats that would otherwise be missed, such as the misuse of legitimate software, “living off the land” attacks or unapproved software usage.
The visibility provided by NEXT feeds into Darktrace’s Cyber AI Analyst agentic AI system to provide full native context across endpoint processes, network, cloud, software-as-a-service, identity and email, giving it a complete view of incidents as they unfold. Darktrace says the unified understanding allows it to spot and stop unknown and undetected threats that move between these domains without relying on external integrations, central data lakes, or manual correlation.
The company's second release today is a set of enhancements to Darktrace / NETWORK, its AI-powered network detection and response solution. The enhancements support autonomous response in highly complex and segmented networks, plus increased response efficacy with additional firewall integrations. They allow security teams to respond to network threats faster and more effectively with a solution proven to contain zero-day threats up to eight days before public disclosure.
Darktrace / OT, the company’s platform for securing operational technologies, has received updates that assist defenders in addressing security challenges with operationally relevant insights, real-time attack path modeling and unified governance across their entire ecosystem.
Among other updates, Darktrace / Attack Surface Management now supports surgical and scheduled penetration assessments of exposed systems for the most common Common Vulnerabilities and Exposures. These assessments help defenders see which weaknesses are likely to be exploited in practice and continually test against them, filling a gap between annual penetration tests.
Darktrace / Proactive Exposure Management has also been updated with support to identify and prioritize vulnerabilities without relying on third-party vulnerability management scanners.
“Security teams are under pressure to move faster, but most tools still leave them piecing together fragments of information,” said Connie Stride, senior vice president of product at Darktrace. “With Darktrace’s latest innovations, we’re giving them the full picture: from tracing a network threat straight to its root cause on a device to easily understanding attack paths across IT and OT.”
