Darktrace-Email Product Brief Instructions
- June 1, 2024
- DARKTRACE
Table of Contents
Darktrace-Email Product Brief
AT A GLANCE
- Extending protection to Microsoft Teams
- Internal mail protection enhancements to prevent account takeover and lateral phishing
- AI-augmented data loss prevention (DLP)
- Introducing Darktrace/DMARC
- Workflow enhancements with Cyber AI Analyst
In 2024, email security challenges have evolved far beyond inbound attacks, as cyber attackers increasingly leverage AI and employ multi-vector techniques that penetrate every facet of organizational communication. Our largest-ever update to a market-leading solution, Darktrace/Email introduces innovations giving security teams the confidence to look beyond traditional secure email gateways and into a new era of cloud email security.
Expanding coverage to Microsoft
Teams protection to stop more account compromise, phishing, malware, and data
loss.
Darktrace now leverages the same behavioural AI techniques for Microsoft Email
and 365 with Teams, allowing organizations to detect threats and signals of an
account compromise that span communication channels. Anomalous messaging
behaviour is a highly relevant indicator of whether a user has been
compromised. Unlike other Team security solutions that focus on payloads,
Darktrace goes beyond basic link and sandbox analysis to look at the language
and the context in which every message is delivered – to catch
payloadless threats and early-stage social engineering.
AI-augmented data loss prevention to stop the entire spectrum of outbound mail threats. Darktrace/Email now actions outbound emails to stop unknown, accidental, and malicious data loss. Traditional DLP solutions only take into account classified data, which relies on the manual input of labelling each data piece or creating rules to catch pattern matches to try and stop data of certain types from leaving the organization. In contrast, Darktrace understands behaviour and content on a dynamic basis to prevent any data from leaving the organization unusually.
ENHANCE EXISTING INVESTMENTS
Classification efforts already in place are extended by Darktrace/Email. Microsoft Purview policies and sensitivity labels are used by our AI, to avoid duplicated workflows for the security team. Combining the two approaches ensures organizations maintain control and visibility over their data.
Dark Trace’s AI-augmented DLP is uniquely positioned to stop
- Insider threats
- Threats arising in unclassified or unlabeled data
- Human error
Darktrace can detect novel email attacks
13 days earlier on average than email security tools that are trained on
knowledge of past threats. of threats missed by other email security solutions
are 58% stopped by Darktrace/Email.
Major enhancements to streamline End-User and SOC workflows by 60%
Employees will always be on the front line of email security. While other
solutions assume that end-user reporting is automatically of poor quality,
Darktrace prioritizes improving the quality of end-user reporting from day one
and reducing the amount of reports over time. Users are empowered to assess
and report suspicious activity with contextual banners and Cyber AI Analyst-
generated narratives, resulting in 60% fewer benign emails reported. Out of
the higher-quality emails that are reported, the next step is to reduce the
number of emails reaching the SOC.
Mailbox Security Assistant automates their triage with secondary analysis combining additional behavioural signals – using 20x more metrics than previously – with advanced link analysis to detect 70% more sophisticated malicious phishing links. For emails that are received by the SOC, Darktrace/Email uses automation to reduce the time spent investigating per incident. With a live inbox view, security teams see a centralized platform that combines intuitive search capabilities, Cyber AI Analyst reports, and mobile access. Analysts can take remediation actions from within Darktrace/Email, eliminating console hopping and accelerating incident response.
Lateral mail protection to prevent account takeover, lateral phishing and
data leaks
The industry’s most robust account takeover protection now prevents lateral
mail account compromise. Darktrace has always looked at internal mail to
inform inbound and outbound decisions, but will now elevate suspicious lateral
mail behavioural analysis using the same AI techniques for inbound, outbound,
and Teams. Unlike other solutions that only analyze payloads, Darktrace
analyzes a range of signals to catch lateral movement before a payload is
delivered. It integrates signals from across the entire mail flow and
communication patterns. Security teams can now use signals from lateral mail
to spot the early symptoms of account takeover and take autonomous actions to
prevent further compromise.
An easy way to deploy DMARC quickly with AI
Darktrace now gives in-depth visibility and control of 3rd parties using your
domain with an industry-first AI-assisted DMARC. This new capability
continuously stops spoofing and phishing from the enterprise domain, while
automatically enhancing email security and reducing the attack surface.
Automated record suggestions provide a clear, efficient road to enforcement, allowing organizations to quickly achieve compliance with requirements from Google, Yahoo, and others while reducing the overall attack surface by providing visibility over shadow IT and third-party vendors sending on behalf of an organization’s brand.Darktrace/DMARC integrates with the wider Darktrace product platform, sharing insights to help further secure your business.
About Darktrace
Darktrace (DARK.L), a global leader in cyber security artificial intelligence, delivers complete AI-powered solutions in its mission to free the world of cyber disruption. Its technology continuously learns and updates its knowledge of ‘you’ for an organization and applies that understanding to achieve an optimal state of cyber security. Breakthrough innovations from its R&D Centers have resulted in more than 165patent applications filed. Darktrace employs 2,300 people around the world and protects over 9,200 organizations globally from advanced cyber threats.
2024 Darktrace Holdings Limited. All rights reserved. The Darktrace name, logo, and other trademarks used herein are trademarks of Darktrace Holdings Limited. The names of other companies, products and services are the property of their respective owners
info@darktrace.com
darktrace.com