Darktrace DETECT is fantastic because it gives us the alert and shows us what’s going on. But RESPOND is one step better, because it actually takes action on the alert, so you don’t need to be there to see the alert. It’s already taking action.
- Benefits from improved visibility across digital estate
- Darktrace detects and responds to attacks
- Self-Learning AI discovered remote user’s compromised device
Leveraging AI to Increase Visibility
With multiple facilities and a wide variety of services, Masonicare has a complex IT environment. It turned to Darktrace in 2016 to bolster its cyber security posture and gain greater visibility into its digital estate.
Darktrace’s Self-Learning AI learns each organization’s unique “pattern of life” to create bespoke security solutions. It traces behaviors, patterns, and connections made across the digital infrastructure, and then applies this understanding to detect abnormal activity that indicates a cyber-attack. This unique approach allows Darktrace to detect all kinds of attacks, both known and unknown, and the AI can cover any part of the digital estate that has data.
Masonicare now relies on Darktrace as a Security Operations Center (SOC). The security team uses Darktrace daily to keep track of all digital activity as well as identify and investigate attacks.
“Darktrace DETECT™ keeps our network safe by making it fully transparent,” said Henry Feder, IT security specialist at Masonicare. “We use it every day to make sure that everything is looking good on a minute-by-minute basis.”
Neutralizing Attacks with Autonomous Response
In the current, ever-evolving threat landscape, cyber-attacks have become inevitable. Masonicare deployed Darktrace RESPOND™ to ensure that attacks would be neutralized 24 hours a day, 365 days a year.
Darktrace DETECT and RESPOND form part of the overarching technology vision of a Cyber AI Loop: an interconnected set of cyber security solutions that continuously feed into and improve the system as a whole. For example, when DETECT recognizes an attack, it feeds into RESPOND so that the AI can make precise micro-decisions to stop the attack in seconds.
“Darktrace DETECT is fantastic because it gives us the alert and shows us what’s going on. But RESPOND is one step better, because it actually takes action on the alert, so you don’t need to be there to see the alert. It’s already taking action,” said Tyler Timek, manager of Masonicare’s IT security team, desktop team, and service desk team.
Since the Self-Learning AI has a dynamic understanding of an organization’s “pattern of life,” the actions of Autonomous Response do not disrupt normal business operations.
Identifying Malware in a Hybrid Work Environment
Darktrace successfully protects Masonicare’s digital systems. In one case, Darktrace alerted Masonicare that a remote user’s device was compromised. The IT team reached out to the user and discovered that the user’s home router had been infected with malware, possibly some Domain Name System (DNS) hijacking code. The user then received a new, clean router from the internet service provider.
Darktrace is powerful and accurate enough to detect malware on a remote user’s device, even when the user works through a Virtual Private Network (VPN). Not only did identifying this compromised device maintain the integrity of Masonicare’s systems, but it also protected another company’s digital infrastructure, as the user’s spouse similarly relied on the infected router while working remotely.
The Cyber AI Loop continues to support Masonicare with rapid, detail-oriented alerts and investigations that save the IT team time.
“Darktrace is excellent” Feder said. “Not only is the product top notch, but the customer service and staffing are excellent. They’ve always been there for us whenever we’ve had an issue and they’re always trying to evolve, adapt, and make their product better, which is necessary in today’s cyber security world.”
Not only is the product top notch, but the customer service and staffing are excellent.