
Darktrace adds early warning system to Antigena Email

Posted 30 June 2022

Cambridge-based Darktrace has added an early warning system to its Antigena Email product, allowing members of the Darktrace community to contribute to and benefit from insights gleaned from across the fleet.





This new capability is now available to Antigena Email users and extends anonymised, learned domain behavioural profiles across Darktrace’s expansive and diverse group of global customers.

“Darktrace stops all kinds of cyber-attacks against organizations in every sector in over 110 countries globally. That represents a huge bank of knowledge about how malicious payloads behave in the very earliest stage of a cyber-attack,” commented Jack Stockdale OBE, Darktrace CTO. “Antigena Email has now realised the vision of leveraging collaborative, anonymised insights to leave attackers with nowhere to hide.”

Ninety-four per cent of cyber-attacks begin in the inbox. As organisations continue to rely on email as a primary workplace collaboration tool, and as attacks become increasingly novel and sophisticated, email security technologies that rely on behaviour rather than threat intelligence become more important.

Darktrace’s Self-Learning AI observes emails to build bespoke behavioural profiles for each customer and uses these profiles, rather than a ledger of binary ‘good’ or ‘bad’, to accurately determine whether each email belongs in a recipient’s inbox. Antigena Email uniquely analyses domains within email addresses and links in email bodies and attachments to evaluate their popularity and typical presence in the inbox.

Now, when Antigena detects unusual domain behaviour in a customer environment, a supplementary interpretation can be made by comparing it with this new fleet-wide version of the behavioural profiles. This new functionality can lead to increased suspicion, for example, of a potential account compromise when a fleet-wide popular domain suddenly strays from its usual behavioural patterns – even in a trusted supplier or vendor.

This update recently allowed Darktrace to stop a phishing campaign sent from a compromised government account in South America that was soliciting fake philanthropic donations. Although the government domain was legitimate, the attacker had inserted their own 'reply-to' address into the email headers. This address had zero domain precedent locally or globally and, in combination with other indicators, led Antigena Email to flag this email as suspicious.
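The reply-to check described above can be sketched as a simple header rule; this is an added example, not Darktrace's code or method. The precedent tables, the `.test` domains, the sample message and the function names are all constructed assumptions, and the findings are signals to combine with other indicators, not a verdict.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed precedent counts: how often each domain has been seen before.
LOCAL_SEEN = {"example-ministry.test": 42, "supplier.test": 310}
FLEET_SEEN = {"example-ministry.test": 9120, "supplier.test": 15400,
              "mail.test": 880000}

# Constructed sample: legitimate sender domain, attacker-chosen Reply-To.
SAMPLE_SUSPICIOUS = (
    "From: Ministry Office <donations@example-ministry.test>\n"
    "Reply-To: relief-fund@unseen-domain.test\n"
    "Subject: Charity appeal\n"
    "\n"
    "Please reply to arrange your donation.\n"
)

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or None."""
    _, addr = parseaddr(header_value or "")
    if "@" not in addr:
        return None
    return addr.rsplit("@", 1)[1].lower().rstrip(".")

def reply_to_findings(raw_message, local=LOCAL_SEEN, fleet=FLEET_SEEN):
    """List the signals raised by a Reply-To domain that differs from From."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    if reply_dom is None or reply_dom == from_dom:
        return []  # no Reply-To, or replies go back to the sender's domain
    findings = ["reply_to_domain_differs"]
    if local.get(reply_dom, 0) == 0:
        findings.append("no_local_precedent")   # never seen by this customer
    if fleet.get(reply_dom, 0) == 0:
        findings.append("no_fleet_precedent")   # never seen across the fleet
    return findings

if __name__ == "__main__":
    print(reply_to_findings(SAMPLE_SUSPICIOUS))
```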
 

 

 

 

 
