Darktrace is beta testing a cybersecurity platform that uses its artificial intelligence (AI) engine to map potential attack paths that cybercriminals could exploit to gain access to corporate IT environments.
Nicole Eagan, director of strategy and head of AI for Darktrace, told attendees at the Cyber Security Summit in Miami that an upcoming Darktrace Prevents offering will use algorithms to model how cybercriminals might use various avenues of attack. attack to compromise an organization.
Eagan said Darktrace Prevents should be generally available this summer and will also allow organizations to test countermeasures.
Darktrace Prevents is, in part, based on technologies the company acquired with the acquisition of Cybersprint BV, a provider of a tool that uses machine learning algorithms to detect vulnerabilities. It offers an alternative to hiring outside security professionals to perform penetration testing. Rather than performing these tests once or twice a year, the Cybersprint approach allows organizations to continuously scan their environments for vulnerabilities. This is critical because today’s computing environments are more dynamic than ever; most penetration test reports are out of date within days of filing.
The Cybersprint platform extends the current Darktrace Detect and Respond platform which also uses machine learning algorithms to discover anomalies indicative of cyber threats and quarantine those threats in real time. The Darktrace Detect and Respond platform is based on attack path modeling that uses graphs to surface network nodes. A weighted graph can be used to identify the path of least resistance to key assets to estimate the likelihood that an adversary will be able to perform a successful lateral move from Node A to Node B. This capability provides a realistic assessment in real-time attack patterns that will be used against an organization’s most critical assets.
Indeed, the acquisition of Cybersprint expands Darktrace’s focus to provide a continuous cybersecurity AI loop based on machine learning algorithms that learn the computing environment they protect.
It is not yet known to what extent cybersecurity teams are adopting AI. However, as attacks increase in volume and sophistication, AI technologies offer a way to augment chronically understaffed cybersecurity teams. In fact, as IT environments become larger, cybersecurity teams are unlikely to be able to defend every attack surface without the aid of machine learning algorithms.
That said, AI, in the form of machine learning algorithms, is unlikely to replace the need for cybersecurity professionals anytime soon. However, they will go a long way to rebalancing a playing field that today tilts firmly in favor of cybercriminals who only need to find and exploit a weakness to succeed. In fact, it’s now more about how much AI will augment the overwhelmed cybersecurity professionals who are under attack from all sides.