Darktrace launches new PREVENT AI security products to pre-empt cyberthreats

Darktrace has announced a new set of AI products designed to deliver proactive security to help organizations pre-empt cyberthreats. The PREVENT products are the latest additions to the firm’s artificial intelligence (AI)-driven portfolio, which it claimed works together autonomously to optimize an organization’s state of security through a continuous feedback loop. The firm said that the new products are based on breakthroughs developed in the company’s Cambridge Cyber AI Research Centre and the capabilities gained through the acquisition of Cybersprint earlier this year.

PREVENT products use AI to “think like an attacker”

In a press release, Darktrace stated that its two new PREVENT products use AI to “think like an attacker,” finding pathways to an organization’s most critical assets from “inside and outside,” analyzing the most disruptive attacks for an organization and feeding information to support continuous learning and automation to harden systems. PREVENT/E2E (End-to-End) uses an outcome-based approach to managing cyber risk incorporating capabilities from across multiple disciplines including attack path modelling, automated penetration testing, breach and attack emulation, security awareness testing and training, and vulnerability prioritization.

PREVENT/ASM (Attack Surface Management) performs reconnaissance on a specific target to deliver value across use cases including shadow IT, supply chain, mergers and acquisitions, configuration errors, and others. Darktrace has also introduced new features to its existing DETECT and RESPOND products that it said enable all products to interact with one another as key components of the Cyber AI Loop.

Reactive approach to security quickly becoming inadequate

Commenting on the release, Chris Kissel, research director at International Data Corporation (IDC), says that a purely reactive approach to security is quickly becoming inadequate for organizations, highlighting the need for more proactive, preventative measures for countering cyberthreats. “Early data from research into how organizations are mitigating cyber risk and threats shows a shift towards proactive, ‘always-on’ technologies continually running tests on existing systems. Yet a continuous approach is fundamentally impossible to achieve without automation and AI, and Darktrace’s combination of AI technology that learns self and its new PREVENT product family will bring real value to thinly stretched security teams.”

Speaking during a live press briefing on Monday, July 18, Darktrace CTO Jack Stockdale said the PREVENT products have been designed to help businesses move away from waiting for and reacting to threats by autonomously using the time when they are not in a breach situation and or under attack to self-learn from data to establish how an attacker could uniquely target them and the key assets in their environment, augmenting detect and response capabilities with the enriched data.

Shadow IT a cyberthreat PREVENT can mitigate

CSO asked Darktrace leaders to provide an example of a common cyberthreat/risk that the new PREVENT products can mitigate and how AI technology plays into that process, with Max Heinemeyer, vice president of cyber innovation, cited shadow IT — “finding risks that you’re not aware of” – as one instance. “For example, any data leaks that could exist or any unmanaged things on the internet that you don’t even know belong to you, or things that are in the cloud but you’re not aware of that are pivotal for your cyber defense, and then informing detect and respond to wrap a safety blanket around them.”