Enterprise Immune Systems
Machine-learning and probability theory for detecting in-progress attacks
Dave Palmer, Director of Technology
Darktrace
World-leading Mathematics
Government Intelligence Experts
Enterprise Immune System
Darktrace in your security stack
Enterprise Immune System
Unsupervised machine learning
Develops mathematical models of normal behavior
Correlation & behavioral analysis
For every individual user, device and network
Inside-out view
Complete analysis and visibility of network traffic
Real-time & long-running
Analyzes behavior over long periods of time, with
real-time and historical playback
Visualization and investigation
Auto-classification of threats, supporting workflow,
and collaboration
Technology Architecture
Usability of mathematics to non mathematicians (live demo)
Can identity be believed?
“Policy & Compliance module”
Labels of behaviour
Backward compatibility:
• “Tag” groups
• Disciplinary watchlist
• Known-leavers watchlist
• Recurring security incidents
• Social-media/cloud usage
• Unencrypted dataflows
• Unofficial infrastructure usage
• Etc.
Thank You!
[email protected]