Summary:
1. Darktrace has introduced an automated cloud forensics service called Darktrace / Forensic Acquisition & Investigation to help security teams quickly examine attacks in hybrid, multi-cloud, and on-premises environments.
2. Combining this service with Darktrace / CLOUD can potentially cut down investigation periods from days to just minutes, addressing the challenge of longer investigation times and blind spots in cloud security.
3. The solution offers automated hybrid forensic capture, ephemeral data capture, automated investigation with complete timelines, scalable response and reporting, and rapid deployment and seamless integration.
Article:
Darktrace, a leading cybersecurity AI company, has recently unveiled a new automated cloud forensics service known as Darktrace / Forensic Acquisition & Investigation. This solution aims to assist security teams in swiftly and comprehensively examining attacks in hybrid, multi-cloud, and on-premises environments by providing instant access to forensic-level data. By combining this service with Darktrace / CLOUD, enterprises can benefit from a comprehensive cloud security solution that includes real-time detection, response, and forensic investigation, potentially reducing investigation periods from days to just minutes.
Cloud adoption has outpaced security operations, leaving blind spots that adversaries can exploit quickly. A survey of cloud security decision makers revealed that investigations in the cloud take longer than those on on-premises systems, with over 90% of firms reporting damage before containing cloud incidents. Conventional log-based alerts often fail to detect activities like privilege escalation or lateral movement, making it challenging for security teams to respond effectively. Additionally, cloud workloads are increasingly targeted by attackers, as evidenced by research on Darktrace’s Cloudypot honeypots.
The Darktrace / Forensic Acquisition & Investigation solution offers automated hybrid forensic capture, ephemeral data capture, automated investigation with complete timelines, scalable response and reporting, and rapid deployment and seamless integration. This innovative solution leverages the speed and scale of the cloud to automatically gather, preserve, and investigate volatile data at the time of detection. By providing security teams with crucial context and reconstructing attacker behavior in real time, the solution enables them to quickly understand root causes and reduce investigation times significantly.
Overall, Darktrace’s automated cloud forensics solution represents a significant advancement in cloud security, offering organizations the ability to respond more efficiently to threats and lower overall business risk. By integrating this solution with Darktrace / CLOUD, security teams can benefit from a powerful combination of forensic-level inquiry and real-time cloud detection and response, streamlining their investigative processes and enhancing their overall security posture.
Summary:
1. Andrea Carriero, Head of Infrastructure & Security at Papernest, highlights the importance of cloud innovation but also the hazards it brings.
2. Darktrace / CLOUD provides clarity and prioritizes investigations to help maintain platform security and enable further expansion.
3. Darktrace integrates cutting-edge forensic technologies to transform cloud investigations into quick, automated, and context-rich processes.
Article:
In the fast-paced world of cloud innovation, Andrea Carriero, the Head of Infrastructure & Security at Papernest, emphasizes the crucial balance between advancement and security challenges. While cloud technology opens up incredible opportunities, it also introduces new risks that can be difficult to control. To address these challenges, Carriero and his team turned to Darktrace / CLOUD for a solution that provides full-spectrum visibility and the ability to cut through the noise to focus on actual dangers.
Darktrace / CLOUD offers a unique approach by prioritizing investigations, giving a comprehensive view of the entire cloud infrastructure, and saving crucial time while ensuring platform security. This clarity has enabled Papernest to adopt a security-focused, proactive culture, which is essential for supporting further growth and innovation in the cloud space.
By seamlessly integrating Darktrace / Forensic Acquisition & Investigation and Darktrace / CLOUD, teams can quickly identify threats as they arise and preserve the forensic evidence necessary for investigation. With the detection and blocking capabilities of Darktrace / CLOUD, suspicious cloud activity can be contained immediately while maintaining essential evidence for future analysis and resolution.
Darktrace has further enhanced its cloud capabilities by streamlining investigations and improving detection of sophisticated attacker tactics. By combining automated forensics, threat detection, and response into a single platform, security teams can transform reactive cloud investigations into quick, automated, and context-rich processes. This allows businesses to leverage the benefits of the cloud while effectively reducing security risks.
Connie Stride, Senior Vice President of Product at Darktrace, underscores the importance of addressing the security challenges that come with cloud adoption. By integrating cutting-edge forensic technologies into the Darktrace platform, businesses can now access forensic-level clarity in minutes, critical data before it disappears, and the ability to take decisive action against modern cloud threats. This revolutionary approach redefines how businesses can protect their cloud environments and stay ahead of potential security risks.
Overall, the integration of Darktrace’s advanced technologies provides a comprehensive solution for managing cloud security challenges and enables businesses to embrace cloud innovation with confidence. The new capabilities in Darktrace / CLOUD, along with integrations across the Darktrace ActiveAI Security Platform, are now available for businesses looking to enhance their cloud security posture and protect against evolving threats.