Data Sheet Cyber AI Security for Microsoft Azure

Powered by self-learning Cyber AI, Darktrace brings real-time visibility and autonomous defense to your Azure cloud.

Key Benefits Cyber AI Defense for Dynamic Protecting Azure Cloud From Novel Workforces and Workloads and Advanced Threats ✔ Learns ‘on the job’ to offer The Darktrace Immune System provides a unified, AI-native Data Exfiltration and Destruction continuous, context-based platform for autonomous threat detection, investigation, defense and response in Azure and across the enterprise, ensuring  Detects anomalous device connections and user your dynamic workforce is always protected. access, as well as unusual resource deletion, ✔ Offers complete real-time visibility modification, and movement. of your organization’s Azure With advanced Cyber AI, Darktrace builds a deep environment understanding of normal behavior in your Azure cloud Critical Misconfigurations environment to identify even the most subtle deviations ✔ Autonomously neutralizes novel from usual activity that point to a threat – no matter how  Identifies unusual permission changes and and advanced threats sophisticated or novel. anomalous activity around compliance-related data ✔ Cyber AI Analyst automates and devices. threat investigation, reducing time to triage by up to 92% Compromised credentials  Spots brute-force attempts, unusual login source or time, and unusual user behavior including rule changes and password resets. “Darktrace complements Microsoft’s security products Insider Threat and Admin Abuse with AI and takes us to  Identifies the subtle signs of malicious insiders, another level.” including sensitive file access, resource modification, role changes, and adding/deleting users. Global Head of Information Solutions, Mainstream Renewable Power Figure 1: Darktrace’s dedicated interface for cloud-based threats Data Sheet | 2

An AI-Native Solution for Azure This comprehensive view allows the Darktrace Autonomous Defense: Cloud Security Immune System to deliver defense across all your Darktrace Immune System Azure services, including: The Darktrace Immune System continuously monitors Detect all Azure cloud traffic via Darktrace osSensors:  Azure DevOps  Azure SQL lightweight, host-based server agents that allow  With self-learning AI, the Darktrace Immune  Virtual Machines  Blob Storage Darktrace’s Cyber AI to build rich behavioral models System can detect the sophisticated and novel for workforce and workload activity.  CosmosDB  Queue Storage threats that policy-based controls simply can’t.

Each osSensor feeds traffic to a local Darktrace  Azure Active Directory  File Storage Respond vSensor, which then feeds the relevant metadata to  Azure Function  Table Storage a Darktrace master probe in the cloud or corporate  Darktrace Antigena is the world’s first network for analysis. Autonomous Response technology that can interrupt attacks on your behalf, at machine Darktrace's Security Module for Azure provides speed and with surgical precision. additional visibility, allowing for Cyber AI-powered monitoring of management activity, user access, and “Darktrace AI adapts while on the job, Investigate resource creation. Monitoring is achieved via HTTPS illuminating cloud infrastructure in real requests made with an authenticated token to the time and allowing us to defend the cloud  Combining human security expertise with Microsoft Graph API. with confidence.” AI for the first time, Darktrace’s Cyber AI Analyst automatically investigates every With its bespoke, continuously evolving knowledge Jason Barr, CISO, Aptean threat and reports on the full scope of of how your business operates in the cloud, incidents – reducing triage time by up to 92%. Darktrace’s Cyber AI can put behavior in context and spot deviations from normal activity that point to an emerging threat.

Figure 2: The Darktrace Immune System ensures your dynamic workforce is always protected. Data Sheet | 3

Unified, Self-Learning Security This is of critical benefit, as businesses and For More Information workforces today are increasingly complex and Across the Enterprise  Book a free trial dynamic. With Darktrace’s pervasive approach, The Darktrace Immune System provides the  Read our Cloud Security White Paper Cyber AI can connect the dots between unusual industry’s only self-learning platform that correlates YOUTUBE Visit our YouTube channel behavior in disparate infrastructure areas and ensure information from across the organization and cloud security is not siloed from the protection of the adapts in real time – improving productivity across organization. the security team and letting you accelerate digital transformation and innovation.

Taking a fundamentally unique approach, the Darktrace Immune System can correlate behavior in Azure with activity across SaaS, email, remote endpoints, and any range of on- and off-premise infrastructure.

For customers who use Microsoft 365 workspace collaboration tools, Darktrace’s Microsoft SaaS Module adds visibility and protection across Outlook, Microsoft Teams, SharePoint, and OneDrive, identifying account takeovers and misuse. With a dedicated SaaS console, Darktrace offers unprecedented visibility of workforce activity across these applications.

Moreover, Antigena Email constantly adapts and analyzes Microsoft 365 email communications in the context of ‘normal’ for the sender, recipient, and wider organization. This allows it to identify and respond to the full range of email attacks, from fraudulent payment requests to sophisticated spear phishing.

E: [email protected] twitter @darktrace www.darktrace.com