Cybersecurity company Darktrace is expanding Darktrace/CLOUD to support Microsoft Azure environments. The AI-driven cloud detection and response system leverages Microsoft’s virtual network flow logs for agentless deployment, slashing deployment times by 95%.
The need for AI-driven cloud security has never been more critical. 51% of US organisations use cloud computing today, and global spending on public cloud services is expected to reach USD805 billion in 2024.
Moreover, Darktrace’s State of AI Cybersecurity report found that 61% of cybersecurity professionals surveyed believe cloud security will be the area most impacted by defensive AI over the next three years. Yet, security professionals highlight the lack of skills and cost as barriers to building. Darktrace/CLOUD helps organisations tackle these challenges head on.
Enabling teams through real-time understanding, detection and response in the cloud
Also available for AWS deployments, Darktrace/CLOUD is built from the ground up for cloud defence. It leverages Darktrace’s unique self-learning AI to monitor cloud assets, containers and users and correlate that activity with identity and network data from across an organisation’s digital ecosystem. This contextualised understanding enables Darktrace/CLOUD to provide proactive detection, investigation and response to malicious activity across cloud environments, within seconds.
Darktrace’s Self-Learning AI also enables Darktrace/CLOUD to deliver automated cloud security posture management (CSPM). It continuously assesses cloud configurations against industry standards, and allows security teams to identify and prioritise misconfigurations, vulnerabilities, and policy violations in real-time. These capabilities give security teams a complete, live understanding of their cloud environments and help them focus their limited time and resources where they are needed most.
“Darktrace/CLOUD is an exciting expansion of Darktrace and Microsoft’s longstanding collaboration,” said Microsoft UK Global Partner Solutions Lead Orla McGrath. “It brings real-time cloud detection and response to Microsoft Azure customers, and through Darktrace’s integration with virtual network flow logs, makes accessing that new level of security fast and simple.”
Simplified deployment with Microsoft Azure
Darktrace/CLOUD is one of the first security systems to integrate with Microsoft Azure’s virtual network flow logs for agentless deployment into the cloud. By leveraging virtual network flow logs, Darktrace/CLOUD automatically captures network data and integrates into Azure cloud environments with minimal manual effort beyond initial configuration. Consequently, deployment times are reduced to as little as 15 minutes, from several weeks, common for agent-based systems, and several days with most agentless systems.
Lowered cloud operating costs through agentless deployment
Darktrace/CLOUD’s agentless approach additionally lowers the cost of operating cloud by eliminating the CPU and memory consumption associated with cloud security agents. Through Darktrace/CLOUD’s agentless approach, the need for dedicated resources per cloud instance is reduced and performance impact minimised. Teams can scale their security across their cloud architecture without the cost of additional agents.
“As organisations rapidly transition to the cloud, cloud detection and response are becoming critical to ensuring safety and security, but personnel and cost are proving notable barriers to their effective deployment,” said Darktrace’s Chief Product Officer Max Heinemeyer.
“We built Darktrace/CLOUD to help teams protect their cloud with the resources they have. Using our self-learning AI, integrated with Microsoft Azure, it deploys quickly and easily then provides teams with constant visibility, autonomous investigation and real-time response without ballooning operating costs. Teams can focus on building their resilience, not firefighting.”