Defending the Endpoint with AI

2022-04-12 07:46

Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere.

Darktrace is mirroring the approach it takes to security at the core of the network with an endpoint agent that uses machine learning to protect PCs. "The way we operate our businesses has changed so drastically over the last few years," says Justin Fier, the company's Director of Cyber Intelligence & Analytics.

Its self-learning mechanism can adopt a proportional response based on how serious it thinks the behavior is, ranging from quarantining an email through to cutting an endpoint off from the entire network.

That's all well and good for endpoints that are on the corporate network, or at least connected by a VPN. But what about those endpoints that aren't or temporarily disconnect from the VPN? Let's say an employee takes a device home to access the company network, which is something far more likely to happen in a post-pandemic world.

Darktrace Antigena continues to protect other endpoint devices that don't have agents, such as mobile devices running Android and iOS, by monitoring their network traffic.

As people settle into a new post-pandemic working model, Fier predicts bigger changes in endpoint security.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/12/darktrace_red_team_automation/

#AI #endpoint