Darktrace's 'digital antibodies' fight unknown cybersecurity threats with machine learning
Darktrace has compared Antigena to the immune system of the human body.
Cybersecurity firm Darktrace has launched a new cyberdefence tool which it claims uses machine learning to automatically fight back against cybercrime threats, even if the malicious intrusion is previously unknown.
The new product, Darktrace Antigena, uses machine learning to enable networks to automatically self-defend against potential threats without any prior knowledge of new attacks which might be used by hackers.
By using machine learning techniques initially developed by mathematicians at the University of Cambridge, Darktrace -- which was founded by former MI5 and GCHQ intelligence staff -- claims that Antigena "replicates the function of antibodies in the human immune system" by innoculating threats as they appear.
Depending on the intrusion, Darktrace will respond by either stopping or slowing down activity related to a specific threat; quarantining users, systems, or devices as required; or marking specific pieces of content for further investigation.
According to Darktrace CEO Nicole Eagan, Antigena "reacts faster than any security team can" because of its ability to detect threats without any prior knowledge of what to look for.
"Antigena is a major new step forward in 'immune system' defense -- providing more automation, freeing up more people and equipping them with ammunition that actually works -- in this new phase of perpetual internal threat," says Eagan.
There are three different Darktrace Antigena modules: Antigena Intenet regulates machine and user access to the internet; Antigena Communication regulates email, chat, and other messaging tools; and Antigena Network looks after machine and network connectivity, as well as user access permissions.
Darktrace isn't the only technology company to use machine learning in its security tools; Splunk also uses analytics in its enterprise security offering and recently updated its software to add anomaly detection and enhanced correlation and investigation tools.