Darktrace MDR service improves cyber resilience for organizations
Darktrace launched its new service offering, Darktrace Managed Detection & Response (MDR).
The service combines detection and response capabilities spanning across the enterprise, with the expertise of its global analyst team. This combination augments internal security teams with AI-powered threat containment and expert alert management across Darktrace environments, allowing them to focus resources on more strategic security efforts, like improving cyber resilience.
Over 40% of security leaders cite enhancing and optimizing technology and processes in the security operations center (SOC) as a top priority for improving defenses against the rise of AI-powered threats, according to the Darktrace State of AI Cybersecurity 2024 report. As a leader in applying AI to the challenge of cybersecurity, Darktrace has transformed security operations for thousands of customers for more than a decade.
Building upon this expertise, Darktrace introduced its MDR service in March 2024, empowering customers to maximize the benefits of effective human-AI collaboration. The service offers customers expanded hands-on analyst support with 24/7 managed detection and response, featuring SOC investigation and action on Darktrace alerts, across network, cloud, operational technology (OT), endpoints and software-as-a-service (SaaS) applications.
With MDR, Darktrace’s SOC team will monitor customer environments for high-priority alerts indicative of an attack, conduct investigations to alert customers to potentially severe incidents and begin initial triage with human engagement on the AI’s actions. The SOC will carefully review the response measures the autonomous AI has taken and subsequently take proactive steps on behalf of the customer to contain threats, which may include extending or escalating response actions. By doing so, the SOC buys valuable time for internal teams to prepare for engagement while also gathering essential context for effective remediation efforts.
Darktrace’s existing global SOC team, comprising 100+ world-class cybersecurity analysts, supports the service, offering a breadth of real-time knowledge, threat analysis and containment expertise, and extensive field experience. Darktrace’s SOC offers 24/7 support, utilizing a follow-the-sun model with operations headquartered in the United Kingdom, United States and Singapore, to ensure analysts are available and ready to support around the clock.
The Darktrace ActiveAI Security Platform utilizes its unique self-learning AI engine to detect known, unknown, and novel threats in real-time and provide an autonomous response to contain active threats without disrupting business operations.
However, high-priority threats often require humans to engage and make decisions following the initial containment. Darktrace Managed Detection & Response now enables the Darktrace SOC to immediately step in, conduct the initial triage, and gather context for internal teams, buying them added time to coordinate an effective response to remove the threat. Additional features and benefits of Darktrace Managed Detection & Response include:
- Expansive coverage across network, cloud, OT, endpoints, or SaaS applications, offering one of the broadest vendor MDR services available today.
- Unlimited access to Darktrace’s analyst team providing 24/7 support for expert assistance during live threat investigations or even day-to-day operations.
- Semi-annual operational efficiency reports featuring consultancy insight with objectives and recommendations for optimizing and tuning deployments for maximum operational efficiency, and suggestions on improving overall cybersecurity hygiene.
- Quarterly analyst MDR reviews ensuring deployments are reaching their full potential, with tailored advice on streamlining workflows, model optimization and custom use cases.
- Regular MDR service reports summarizing all alerts raised as well as those resolved by Darktrace’s SOC for full transparency of service.
“As cyberthreats become more sophisticated and frequent, organizations are looking for ways to help improve their security outcomes without adding to their team’s existing workloads,” said Denise Walter, CRO, Darktrace. “Our AI-powered MDR service gives our customers added peace of mind that a Darktrace human expert is monitoring their environment 24/7 to keep them protected. Darktrace Managed Detection & Response brings not only the power of our technology, but the power of our people directly into our customers’ environments.”
Darktrace Managed Detection & Response is available now to customers using Darktrace DETECT and RESPOND, across Network, Cloud, OT, Endpoints, or SaaS applications. Darktrace partners can re-sell the service, helping to deliver added value for customers with a complementary offering for their existing portfolio.
“At Grove, we are excited to partner with Darktrace to offer their Managed Detection & Response (MDR) service to our clients. This collaboration seamlessly integrates our services and together, Darktrace’s MDR service and our dSOC service, offer unparalleled security through skilled analysis and consistent oversight,” said James Vintin, CEO at Grove Group, a global partner, reseller and distributor focused on defending customers with advanced cybersecurity solutions.
“Combining Darktrace’s 24/7 AI-driven threat containment and immediate intervention with Grove’s proactive daily analysis, Indicator of Compromise reports, and continuous customer interaction ensures that potential threats are promptly identified and addressed. Our partnership enhances our clients’ overall security posture and delivers the best of both worlds: immediate and long-term protection against evolving cyber threats,” added
source: HelpNetSecurity