According to the Darktrace State of AI Cybersecurity 2024 Report, 40% of security leaders see improving and optimizing technology and processes in the Security Operations Center (SOC) as a top priority for enhancing defense against the rise of AI-driven threats. Darktrace has been transforming the security operations of its thousands of customers for over a decade. Building on this experience, Darktrace is launching its MDR service, enabling customers to maximize the benefits of effective human-AI collaboration. This service provides customers with comprehensive hands-on support from analysts with 24/7 managed detection and response, including SOC investigation and action in response to alerts across network, cloud, operational technology (OT), endpoints, and software-as-a-service (SaaS) applications.
With MDR, Darktrace's SOC team will monitor customer environments for high-priority alerts indicating an attack, conduct investigations to alert customers to potentially serious incidents, and initiate initial triage with human involvement in AI actions. The SOC carefully assesses the response measures taken by the autonomous AI and then takes proactive steps to contain threats, including possibly expanding or escalating actions. By doing so, the SOC buys valuable time for internal teams while also gathering essential context for effective recovery efforts.
Darktrace's global SOC team consists of over 100 cybersecurity analysts and provides a wide range of real-time knowledge, expertise in threat analysis and containment, and extensive practical experience. Darktrace's SOC offers 24/7 support, utilizing a follow-the-sun model with locations in the United Kingdom, the United States, and Singapore, ensuring that analysts are available 24 hours a day to provide support.
The service builds on Darktrace's leadership and expertise with best-in-class detection and response capabilities. The Darktrace ActiveAI Security Platform employs a unique self-learning AI engine to detect known, unknown, and emerging threats in real-time and provide an autonomous response to manage active threats without disrupting business operations. However, in high-priority threats, it is often necessary for humans to be involved and make decisions. With Darktrace Managed Detection & Response, the Darktrace SOC team can now intervene immediately, perform initial triage, and gather context for internal teams. This gives them more time to coordinate an effective response to stop the threat. Other features and benefits of Darktrace Managed Detection & Response include:
- Comprehensive coverage across network, cloud, OT, endpoint, and SaaS applications. It offers one of the broadest MDR services currently available.
- Unlimited access to Darktrace's analyst team providing 24/7 support during live threat investigations or even daily operations.
- Biannual operational efficiency reports with insights into recommendations and objectives. Additionally, it provides suggestions for optimizing and tuning implementations for maximum operational efficiency and offers recommendations for improving overall cyber hygiene.
- Quarterly MDR assessments by analysts ensure that implementations reach their full potential, with tailored advice on streamlining workflows, model optimization, and customized user scenarios.
- Regular MDR service reports summarizing all generated alerts and the alerts resolved by the Darktrace SOC team for complete transparency of the service.
"As cyber threats become increasingly sophisticated and frequent, organizations are looking for ways to improve their security outcomes without increasing the workload of their teams," said Denise Walter, Chief Revenue Officer at Darktrace. "Our AI-driven MDR service gives our customers added peace of mind knowing that a human expert from Darktrace is monitoring their environment 24/7. Darktrace Managed Detection & Response not only brings the power of our technology but also the power of our people directly into our customers' environments."
Darktrace Managed Detection & Response is now available for customers using Darktrace DETECT™ and RESPOND™, across network, cloud, OT, endpoint, or SaaS applications. Darktrace partners can resell the service, providing added value to customers with a complementary offering to their existing portfolio.
Visit the website for more information.
