Darktrace/Cloud allows us to see the interconnection between different assets within an account in an interactive way, which makes it easier to analyze their behavior and detect bad configurations.
-
Jose Huenuman
,
CISO
,
D24

サマリー:

  • Enhanced visibility with shared ML intelligence across multiple coverage areas
  • Cloud-native security for a cloud-first business
  • Augmenting a smaller security team with Cyber AI Analyst

AI-enhanced visibility and intelligence across the digital estate

D24 operates in high-risk industries, such as gambling, in various markets including Latin America, Asia, and Africa. As a payment processor, its main challenges from a cyber security perspective are minimizing the risk of fraud among transactions and minimizing exposure to distributed denial-of-service (DDoS) attacks. In the event of an incident, its main concerns are preventing the exfiltration of data and acting with speed to prevent downtime resulting in payment delays.

Before adopting Darktrace, the business was struggling with maintaining visibility and a lack of control over autonomous threats. D24 was looking for a solution that would offer greater overview of its environment, as well as the ability to respond to threats with speed.

Darktrace achieves this with its AI-powered cyber security. Self-Learning AI continuously learns normal for every organization, allowing it to recognize abnormal activity that indicates a cyber-attack. This approach goes beyond visibility to give the security team increased understanding of the devices and behaviors in the digital estate. Since it uses AI, the technology can autonomously respond to threats within seconds.

By adopting Darktrace across a number of coverage areas, including network, SaaS, email, zero trust, and AWS cloud environments, D24 benefits from the shared intelligence of multiple interconnected AI engines. This offers greater visibility and precision across the business – insights from the network can be used to improve the accuracy of actioned emails, while email behavior can be used to inform the validity of SaaS actions.

Darktrace is now core to D24’s security stack. As D24 expands its services into other industries such as crypto, retail, and ticket sales, the company feels confident in Darktrace’s ability to scale and adapt its security to the evolving business.

Cloud-native security for a cloud-first business

The business is 100% cloud-hosted, with assets distributed among AWS, GCP, and Google Workspace. AWS is particularly critical as it hosts D24’s APIs, through which all pay-in and pay-out payments are processed. With multiple assets across different cloud services, gaining a centralized view of the company’s cloud architecture was crucial to be able to control the associated risks.

Darktrace DETECT/Cloud/AWS has helped D24 gain a 360° visualization of all cloud assets. With a deep AWS partnership, Darktrace covers every layer of the AWS cloud from IaaS to SaaS, supports serverless architectures, and has earned the AWS “Well Architectured” badge.

“Darktrace DETECT/Cloud/AWS allows us to see the interconnection between different assets within an account in an interactive way, which makes it easier to analyze their behavior and detect bad configurations,” said Jose Huenuman, CISO at D24. On top of visibility, applying behavior-based detection with AI has helped to reduce false positives and allowed the team to focus on important events.

Darktrace also helped surface unauthorized changed by cloud account administrators, which allowed the business to improve its internal processes. This has been useful for adhering to regulatory compliance such as the Payment Card Industry Data Security Standard (PCI DSS).

Augmenting a smaller security team with Cyber AI Analyst

Working with a small security team, Huenuman leans on Darktrace for automating many day-to-day security tasks and helping to prioritize critical events. Cyber AI Analyst helps reduce time-to-meaning, particularly in the analysis of cloud events and user traceability. Huenuman estimates that previous response times of 30 minutes have been reduced to under five minutes using Darktrace.

D24 also subscribes to Darktrace’s Ask the Expert (ATE) service, which offers the security team 24/7 access to expert cyber analysts who can provide assistance and answer queries. “Using the service to help investigate some alerts has helped us better understand the context and maximize the use of Darktrace for analysis,” Huenuman said.

該当する項目はありません。
Our ai. Your data.

Elevate your cyber defenses with Darktrace AI

無償トライアルを開始
Darktrace AI protecting a business from cyber threats.