
Darktrace Enterprise Immune System: IDPS Product Overview and Analysis


Written By
Drew Robb
Feb 20, 2018

See our complete list of top Intrusion Detection and Prevention Systems.

Company Description

Darktrace was founded in Cambridge, UK, in 2013 by mathematicians and machine learning specialists from the University of Cambridge, together with world-intelligence experts from MI5 and GCHQ. The goal was to detect emerging cyber threats in order to defend proactively against in-progress cyber attacks. The company has raised over $175 million in funding from investors and is headquartered in Cambridge, UK, and San Francisco, with offices around the world.

Note that Darktrace does not consider itself an IPS or IDPS solution, and Gartner agrees that the company does not fit that category. However, the analyst firm named it a vendor to watch for this area of the market.

Product Description

The Darktrace Enterprise Immune System is machine learning technology for cyber defense. Inspired by the self-learning intelligence of the human immune system, this new class of technology is said to enable a fundamental shift in the way organizations defend themselves, amid a new era of sophisticated and pervasive cyber-threats. Powered by machine learning and AI algorithms, it iteratively learns a unique “pattern of life” (“self”) for every device and user on a network, and correlates these insights in order to spot emerging threats that would otherwise go unnoticed.

Like the human immune system, the Enterprise Immune System does not require previous experience of a threat or pattern of activity in order to understand that it is potentially threatening. It works automatically, without prior knowledge or signatures, detecting and fighting back against subtle, stealthy attacks inside the network in real time.

In its IDPS Magic Quadrant, Gartner said Darktrace deploys like existing IDS technology, “but then uses a number of existing and its own custom-developed algorithms and analytics to build a mathematical model of users and entities on a network, looking for outliers that are turned into alerts for analysts to then investigate. … This approach is innovative because it helps deal with a number of pressing issues in the network security market as the technology addresses alert fatigue by generating significantly less alerts for analysts to triage.”

The technology can also detect active threats on the inside of a network, but, because there is no “known threat” capability, it does not rapidly detect existing known threats, Gartner added.

Markets and Use Cases

Large enterprise sites across all verticals.

Metrics

The Darktrace vSensor uses the Darkflow system to extract only the relevant metadata, sending 1% of the original raw network traffic it ingests on to the master appliance, wherever that appliance is located on the physical network.

Intelligence

Darktrace is powered by unsupervised machine learning, which is capable of learning what is normal and what is abnormal inside a network on an evolving basis, without using training data or customized models. This allows it to detect cyber-attacks that may not have been observed before, the “unknown unknowns.”

Delivery

Hardware appliance and software

Agents

Yes

Pricing

Not disclosed


Originally from Scotland, Drew Robb has been a writer for more than 25 years. He lives in Florida and specializes in IT, engineering, and business. As well as eWeek and TechRepublic, he writes for a wide range of magazines including Gas Turbine World, SDxCentral, and HR Magazine. He is the author of Server Disk Management in a Windows Environment (Auerbach Publications).
