Darktrace/OT use cases

Uncovers the full range of ICS threats

Because it learns your business and looks for unusual behavior, rather than looking for known threats, Darktrace/OT reveals the full range of threatening activity in your ICS environment.

Advanced Persistent Threats (APTs)

APTs are sophisticated and stealthy threat actors who may blend various IT techniques - including zero-day exploits and malware applications - in order to evade detection and reach industrial systems with OT payloads. By exfiltrating OT project files and programs and reinstalling them with modifications made by their own OT engineers, these well-resourced actors can sabotage physical processes and create highly unsafe process conditions.

Darktrace reveals and responds to subtle APT techniques, taking action to maintain safety and production processes.

Sample analysis of Darktrace/OT
Every cyber-attack is different, but here’s some unusual activity Darktrace/OT might find when uncovering an APT attack:
Beaconing Activity to External Rare
Anomalous IT to ICS Connection
Unusual Activity from OT Device
Rare External from OT Device
Unusual RDP Connections

Industrial Ransomware

Ransomware is typically fast-moving and indiscriminate, impacting OT systems both directly and indirectly. Production can be jeopardized by the reliance of OT systems on vulnerable IT services, which control crucial processes such as customer ordering. If ransomware deliberately targets an OT network and encrypts project files and backups, the clean-up process can be costly and time-consuming.

Darktrace RESPOND takes targeted action to contain ransomware as soon as it emerges in the IT layer, when it is still far from production systems. 

Sample analysis of Darktrace/OT
Every cyber-attack is different, but here’s how an industrial ransomware attack might look in Darktrace/OT:
Unusual Activity from OT Device
Unusual Data Transfer by OT
Unusual Data Download / Upload
Suspicious SMB Activity
High Risk File and Unusual SMB

OT Cloud

The adoption of OT Cloud/ICSaaS expands the attack surface by increasing connectivity and complexity.

Darktrace provides unified visibility across IT, OT, and the cloud, helping organisations accelerate digital transformation while mitigating the risks that it entails.

Even better with: Darktrace/Cloud and Darktrace/Apps

Sample analysis of Darktrace/OT
Here's some unusual behavior a cyber-attack spanning cloud and OT might trigger in Darktrace:
Unusual External Source for SaaS Credential Use
IaaS Security Rule Delete
Lateral Movement and C2 Activity
Anomaly then New ICS Commands
Multiple New Reprograms

Asset Inventory

Darktrace/OT provides complete visibility and a comprehensive list of assets with many networking and device details passively collected from network traffic (or optionally using smart active identification).

An Unlimited Number of Attacks

Unlimited number of responses

Good news for your business.
Bad news for the bad guys.

Start a free trial

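Flexible deployment
It can be installed either virtually or on hardware.
Fast installation
Setup takes just one hour, and an email security trial takes even less time.
Choose your product
Try out the capabilities of Self-Learning AI where you need it most, including cloud, network and email.
No obligation to purchase
You get full access to the Darktrace Threat Visualizer and three threat reports customized to your organization, with no obligation to purchase.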