Darktrace Antigena is an active self-defence product that extends Darktrace’s core power of detection, replicating the function of digital antibodies that identify and neutralise threats and viruses.
Working in parallel, the Darktrace Enterprise Immune System identifies suspicious activity, triggering Antigena to respond in real time, depending on the severity of the threat. This may include slowing down a connection identified as the route of the attack or switching it off completely, quarantining users, systems or devices as required, or marking specific content for further investigation.
The machine learning technology identifies and protects against unknown threats as they develop, without the need for human intervention, prior knowledge of attacks, rules or signatures. With this automated response capability, organisations can respond to threats faster, without disrupting the normal pattern of business activity.
Antigena by no means makes security teams redundant. Skilled professionals will always be critical to enterprise security; the role of Antigena is to get there first and take measured action to mitigate risks, before the human arrives on the scene. Attacks are becoming more aggressive, so defences need to directly fight back at machine speed. With Antigena, Security Analysts are given a vital time window in which to take action.
Darktrace Antigena modules assist in regulating user and machine access to the internet, message protocols and machine and network connectivity. They are deployed as physical appliances and can also interface with Software Defined Networks (SDNs) and Active Directory.
- Antigena Internet – regulates user and machine access to the internet and beyond
- Antigena Communication – regulates e-mail, chat and other messaging protocols
- Antigena Network – regulates machine and network connectivity and user access permissions.