Threat Discoveries: What Darktrace Industrial Finds

Darktrace Industrial is fundamentally changing the game of ICS cyber defense. Michael Sherwood, CIO, City of Las Vegas
White Paper Thu 13 Sep 2018

Darktrace Industrial defends some of the most complex industrial control systems in the world against novel and sophisticated cyber-campaigns. Darktrace Industrial’s worldleading cyber AI technology has been specifically developed to detect cyber-threats and latent vulnerabilities across both Operational Technology (OT) environments, such as SCADA systems, and IT networks.

Modeled on the principles of the human immune system, Darktrace Industrial learns the ‘pattern of life’ of every user, device, and controller, and uses that constantly evolving understanding to detect the earliest signs of an emerging threat. Darktrace Industrial also provides unprecedented visibility across both your industrial and enterprise networks, allowing your security team to gain oversight of the entire distributed infrastructure.

This document features case studies of alerts raised in real industrial networks where Darktrace Industrial was deployed.

Powered by unsupervised machine learning and AI, Darktrace Industrial autonomously learns ‘normal’ behaviors and can then identify genuine cyber-threats at a very early stage, before they develop into a crisis and cause material harm. This ‘immune system’ approach is capable of detecting all forms of potentially threatening behavior, including malicious attacks, accidental errors, and malfunction. This allows for a far more comprehensive and risk-based approach to security monitoring than traditional signature tools, which are rigidly programmed to catch only known threats.

Rather than producing a flood of alerts, Darktrace Industrial only surfaces genuine incidents. Threats are scored and ranked by their level of severity, empowering security teams to investigate critical issues, respond rapidly to all forms of threats, and make their systems far more resilient in the long term.