Darktrace Proof of Value

Experience Cyber AI in your own environment for four weeks at no cost.

What is a Proof of Value?

As a Darktrace partner, Allari's Security and Compliance team are offering an easy four-week trial that allows you to evaluate Darktrace’s Enterprise Immune System, Threat Visualizer and Antigena Email within your own environment. It allows organizations to understand why some of the world’s leading companies are relying on Darktrace to gain unprecedented visibility into their networks and detect emerging cyber threats within their systems in real time – before they develop into damaging incidents. Our experienced team will install a Darktrace appliance within your environment in just one day, and give you access to our groundbreaking Threat Visualizer interface. During the POV, you will also receive detailed updates on what we find, produced by our world-leading cyber analysts.

Why take advantage of this one?

Achieve Global Visibility

Today’s networks are large, busy and complex, making it very difficult to work out what is going on, where and how, at all times. Darktrace uniquely models, maps and visualizes your entire network, down to device and user level, giving you a unique and intuitive overview of what is going on within your organization.

  • See what your network and interactions really look like
  • Have the ability to ‘zoom in’ on parts of your infrastructure, by network, device or user
  • Understand your own organization better than your adversaries do

Detect Threats That You Did Not Know Existed

Darktrace’s unique immune system approach is powered by fundamental machine learning and probabilistic mathematics. It does not rely on signatures, rules or a priori knowledge of threats or your environment. The technology constantly learns what is ‘normal’ activity in your environment, correlating multiple weak indicators in order to form an accurate understanding of normal and abnormal behavior.

  • Find anomalies and threats that you did not know existed – Darktrace’s machine learning and mathematical approach works from day one, and is constantly learning in order to detect unusual behaviors, without any a priori knowledge
  • Understand what your top security priorities are – Darktrace lets you see and act on the top threats to your organization, without getting distracted by the noise of the network
  • Take timely action to minimize risks to your organization and curb malicious or harmful behaviors

Threat Intelligence Reports

A Darktrace POV includes three weekly Threat Intelligence Reports that will explain and detail the most salient anomalies that the Enterprise Immune System finds, as determined by our expert analysts. Darktrace employs some of the world’s leading cyber intelligence and security professionals. Our cyber threat analysts typically have strong government intelligence backgrounds, from the NSA, GCHQ, MI5 and other intelligence agencies, with unprecedented, real-world experience of encountering and defending against some of the most persistent and pernicious cyber threats and attackers.

  • Benefit from the expert analysis of the world’s leading cyber threat analysts
  • Collaborate directly with our analysts to understand the unique findings of the Darktrace appliance
  • Receive weekly Threat Intelligence Reports from the second week onwards, providing tailored analysis of your environment’s top threats based on the investigations of our lead cyber analysts
  • Get expert advice on threat remediation in response to the anomalies detected

Antigena Email

Antigena Email is a self-learning technology that neutralizes targeted email campaigns and impersonation attacks that evade an organization’s email gateway. Powered by Darktrace’s core AI, Antigena Email technology “understands the human” in the context of dynamic relationships and communication patterns. This enables the system to intelligently determine whether a given email meaningfully deviates from normal interactions between sender, recipient, and the wider organization, instantly revealing the subtle signs of a novel threat.

How does it work?

Installation of the Darktrace Appliance

A single Darktrace appliance can be installed in less than one hour, and uses up to 2U of rack space.

Activation of the Darktrace Antigena Email

The activation of Antigena Email is as simple as it gets and only takes 15 minutes.

Passive Data Collection

Darktrace uses raw network traffic in order to get maximum visibility of your network and to model your enterprise, devices and users to a high degree of accuracy. Data is passively collected using one of the following methods:

  • Port spanning via your existing network equipment
  • Insertion or reuse of an in-line network tap
  • Access to existing repositories of network data

Data Analysis and Modeling

Darktrace immediately starts ingesting, analyzing and modeling network data. Using its unique, probabilistic and machine learning algorithms, Darktrace establishes a ‘pattern of life’ for the enterprise, as well as every individual device and user, and detects true anomalies. Over the course of the POV, this understanding is constantly refined and revised as the Enterprise Immune System incrementally learns more and more about how your organization behaves.

POV Timeline

Darktrace Proof of Value Timeline

Resources required for success

Secure Connection

Darktrace appliances connect back to Darktrace Central Management over a secure and encrypted, dual-factor authentication channel in order to receive new mathematical models and software updates. For managed deployments and POVs, this also enables Darktrace cyber analysts to review and tune system output. Customers maintain total control of the connection, which is initiated and maintained from the appliance and can be started, terminated or audited at any time. For the purposes of carrying out continual health checks, we request that a connection is maintained during normal business hours.

Mapping Data

To take full advantage of the unsupervised machine-learning hosts with dynamic IP addressing, the DHCP signal from server to client must be contained in the data feed. This helps build the most granular understanding of particular machine and user behavior. For deployments beyond the Proof of Value, other forms of mapping data can be used to permit integration with many industry-standard log systems

Privacy & legal considerations

  • Data collection is passive – all collected data remains on-premises and is not uploaded to the cloud or to a Darktrace data center. Data is only accessible through the secure connection unless otherwise agreed.
  • The appliance does not affect network and business operations
  • Data is securely deleted if you do not wish to proceed beyond the POV
  • A shrink wrap legal agreement is required to activate the appliance