Darktrace, a global pioneer in cybersecurity AI, announces the launch of its new service offering, Darktrace Managed Detection & Response (MDR). The service combines its best-in-class detection and response capabilities spanning across the enterprise, with the expertise of its global analyst team.
This powerful combination augments internal security teams with AI-powered threat containment and expert alert management across Darktrace environments, allowing them to focus resources on more strategic security efforts, like improving cyber resilience.
Effective human-AI collaboration
The service offers customers expanded hands-on analyst support with 24/7 managed detection
Over 40% of security pioneers cite enhancing and optimising technology and processes in the security operations centre (SOC) as a top priority for improving defences against the rise of AI-powered threats according to the Darktrace State of AI Cybersecurity 2024 report. As a pioneer in applying AI to the challenge of cybersecurity, Darktrace has transformed security operations for thousands of customers for more than a decade.
Building upon this expertise Darktrace introduced its MDR service in March 2024, empowering customers to maximise the benefits of effective human-AI collaboration. The service offers customers expanded hands-on analyst support with 24/7 managed detection and response, featuring SOC investigation and action on Darktrace alerts, across network, cloud, operational technology (OT), endpoints and software-as-a-service (SaaS) applications.
Human engagement on the AI’s actions
With MDR, Darktrace’s SOC team will monitor customer environments for high-priority alerts indicative of an attack, conduct investigations to alert customers of potentially severe incidents and begin initial triage with human engagement on the AI’s actions.
The SOC will carefully review the response measures the autonomous AI has taken and subsequently take proactive steps on behalf of the customer to contain threats, which may include extending or escalating response actions. By doing so, the SOC buys valuable time for internal teams to prepare for engagement while also gathering essential context for effective remediation efforts.
Darktrace’s leadership and expertise
Service builds upon Darktrace’s slip and expertise with best-in-class detection and response
Darktrace’s existing global SOC team comprised of 100+ world-class cybersecurity analysts supports the service, offering a breadth of real-time knowledge, threat analysis and containment expertise, and extensive field experience. Darktrace’s SOC offers 24/7 support, utilising a follow-the-sun model with operations headquartered in the United Kingdom, United States and Singapore, to ensure analysts are available and ready to support around the clock.
The service builds upon Darktrace’s leadership and expertise with best-in-class detection and response capabilities. The Darktrace ActiveAI Security Platform utilises its unique self-learning AI engine to detect known, unknown, and novel threats in real-time and provide an autonomous response to contain active threats without disrupting business operations. However, high-priority threats often require humans to engage and make decisions following the initial containment.
Benefits of Darktrace Managed Detection & Response
Darktrace Managed Detection & Response now enables the Darktrace SOC to immediately step in, conduct the initial triage, and gather context for internal teams, buying them added time to coordinate an effective response to remove the threat. Additional features and benefits of Darktrace Managed Detection & Response include:
- Expansive coverage across network, cloud, OT, endpoints, or SaaS applications offering one of the broadest vendor MDR services available today.
- Unlimited access to Darktrace’s analyst team providing 24/7 support for expert assistance during live threat investigations or even day-to-day operations.
- Semi-annual operational efficiency reports featuring consultancy insight with objectives and recommendations for optimising and tuning deployments for maximum operational efficiency, and suggestions on improving overall cybersecurity hygiene.
- Quarterly analyst MDR reviews ensuring deployments are reaching their full potential, with tailored advice on streamlining workflows, model optimisation and custom use cases.
- Regular MDR service reports summarizing all alerts raised as well as those resolved by Darktrace’s SOC for full transparency of service.
AI-powered MDR service
“As cyber threats become more sophisticated and frequent, organisations are looking for ways to help improve their security outcomes without adding to their team’s existing workloads,” said Denise Walter, Chief Revenue Officer, Darktrace.
“Our AI-powered MDR service gives our customers added peace of mind that a Darktrace human expert is monitoring their environment 24/7 to keep them protected. Darktrace Managed Detection & Response brings not only the power of our technology, but the power of our people directly into our customers’ environments.”
Darktrace's MDR service
Darktrace partners can re-sell the service, helping to deliver added value for customers
Darktrace Managed Detection & Response is available now to customers using Darktrace DETECT™ and RESPOND™, across Networks, Cloud, OT, Endpoints, or SaaS applications. Darktrace partners can re-sell the service, helping to deliver added value for customers with a complementary offering for their existing portfolio.
“At Grove, we are excited to partner with Darktrace to offer their Managed Detection & Response (MDR) service to our clients. This collaboration seamlessly integrates our services and together, Darktrace's MDR service and our dSOC service, offer unparalleled security through skilled analysis and consistent oversight," said James Vintin, CEO at Grove Group, a global partner, reseller and distributor focused on defending customers with advanced cybersecurity solutions.
Darktrace's 24/7 AI-driven threat
Vintin added: “Combining Darktrace's 24/7 AI-driven threat containment and immediate intervention with Grove's proactive daily analysis, Indicator of Compromise reports, and continuous customer interaction ensures that potential threats are promptly identified and addressed."
"Our partnership enhances our clients' overall security posture and delivers the best of both worlds: immediate and long-term protection against evolving cyber threats.”
