Customer Stories

Funding Circle

For our small security team, the unified view that Darktrace gives us over our hybrid and multi-cloud infrastructure has been a game-changer.

-
Alberto Martinez
,
Senior Information Security Engineer
,
Funding Circle

一目でわかる。

Achieved 100% on-premise and AWS visibility with unified view  

Dramatically reduced the incidence of false positive alerting  

Detected serious compliance breaches including crypto-mining

Security Pressures in the Financial Services Industry


The first website to facilitate peer-to-peer business financing in the UK, Funding Circle now also operates in the US, Germany, and the Netherlands. Its 81,000 global investors have lent approximately £7 billion to date, creating an estimated 115,000 new jobs in 2018 alone. Given the rapid evolution of the cyber-attacks targeting these funds — as well as the equally rapid expansion of the company itself — Funding Circle sought a security solution capable of keeping pace with both the changing threat landscape and its own changing network.

The financial services industry suffered more cyber security incidents than any other economic sector in each of the last two years, with European financial firms facing an average of 85 annual attempted breaches. To protect its valuable assets and sensitive data, the industry has responded by investing heavily in conventional cyber defenses. Yet criminals have countered by launching never-before-seen attacks designed to bypass traditional security tools, which rely on rules, signatures, and prior assumptions to detect known threats.

Beyond the overarching challenge of preempting never-before-seen malware, Funding Circle was especially concerned by threats to its cloud infrastructure, which introduced key security blind spots. Indeed, gaining visibility into AWS — where the company houses sensitive corporate data — is a priority for many organizations migrating to the cloud. From social engineering attacks to insider threats to stolen credentials, many of the risks to services like AWS are user-dependent. As a consequence, any security tool up to the task of defending an AWS environment must understand how these users work and collaborate across the entire digital infrastructure — not just within one application or service.

Finally, Funding Circle found that, as it made changes to its AWS infrastructure, its security stack struggled to differentiate between benign modifications and genuinely malicious activity, generating a flood of false positive alerts. Without enough time in the day to sort through so many false positives, the company needed an AI tool to automatically prioritize the most serious incidents on behalf of its security team.

Boosting AWS Defenses with Darktrace/Cloud

Following the completion of a successful Proof of Value (POV), Funding Circle deployed Darktrace, including Darktrace/Cloud to defend its AWS workloads. Powered by Self-Learning AI, Darktrace immediately began learning the normal 'pattern of life' of every user, device, and container at the company. This continuously refined sense of 'self' enables the AI to detect even subtle deviations from normalcy, such as never-before-seen threats that exhibit highly anomalous behavior. 

With Darktrace/Cloud, Funding Circle's lean security team also gained total oversight over cloud activities that had previously been invisible. As CSPs like Amazon continue to bolster their defenses, cyber-criminals are increasingly targeting the customer's portion of the cloud's Shared Responsibility Model, rendering visibility all the more important. In fact, industry experts estimate that 99% of cloud security failures will have occurred at the customer end through 2023. But with Darktrace DETECT flagging unusual malicious activity in the cloud, Funding Circle’s workflows are secured across its digital environment.

Uncovering Insider Threats and Vulnerabilities

Darktrace rapidly transformed Funding Circle's security posture, affording it real-time insights into all activity across its cloud infrastructure. Among the numerous cyber hygiene issues that Darktrace DETECT has drawn out are insider BitTorrent usage, connections to unauthorized SaaS applications, and crypto-mining using company resources.

Moreover, because Darktrace AI intelligently prioritizes potential threats  based  on  its  nuanced  understanding  of  'self,'   it all but eliminated the company's flood of false positives. "Our infrastructure is pretty volatile, since we have a lot of containers coming online and offline frequently," commented Martinez. "In the past, this volatility has led to a high number of false positives, but Darktrace is able to sift through the noise to find the genuine threats.”

Darktrace was extremely easy to deploy compared to the other vendors we tried, and the visibility it gave us over our cloud environment was night-and-day compared to the capabilities we had before.

-
Alberto Martinez
,
Senior Information Security Engineer
,
Funding Circle
顧客について
Funding Circle is a peer-to-peer lending marketplace that empowers private investors, governments, and financial institutions to lend money directly to small businesses. These investors can choose to lend conservatively to only firms assessed as low risk, or to loan funds to the full range of the site's creditworthy borrowers for a higher projected return.
導入事例をダウンロードする
share this story

Good news for your business.
Bad news for the bad guys.

無償トライアルを開始

無償トライアルを開始

柔軟な導入
仮想的にインストールすることも、ハードウェアでインストールすることも可能です。
迅速なインストール
設定時間はわずか1時間、メールセキュリティのトライアルはさらに短時間で完了します。
製品を選ぶ
クラウド、ネットワーク、Eメールなど、最も必要とされる領域で自己学習型AIの能力をお試しください。
購入義務なし
Darktrace Threat Visualizerと組織毎にカスタマイズされた3回の脅威レポートへのフルアクセスを提供しますが、購入の義務はありません。
For more information, please see our Privacy Notice.
Thanks, your request has been received
A member of our team will be in touch with you shortly.
YOU MAY FIND INTERESTING
フォームを送信する際に何らかの問題が発生しました。

デモを見る

柔軟な導入
仮想的にインストールすることも、ハードウェアでインストールすることも可能です。
迅速なインストール
設定時間はわずか1時間、メールセキュリティのトライアルはさらに短時間で完了します。
製品を選ぶ
クラウド、ネットワーク、Eメールなど、最も必要とされる領域で自己学習型AIの能力をお試しください。
購入義務なし
Darktrace Threat Visualizerと組織毎にカスタマイズされた3回の脅威レポートへのフルアクセスを提供しますが、購入の義務はありません。
ありがとうございます!あなたの投稿を受け取りました。
フォームを送信する際に何らかの問題が発生しました。