
Darktrace and Vectra product overviews

Introduction

It’s easy to see that the information security field is full of intrusion detection and prevention system options. Two of the most popular products today are Darktrace and Vectra.

This article will explore both the Darktrace and Vectra intrusion detection and prevention products, looking at the various pros and cons of each. As we strive to make this article an unbiased, objective review of both, you will walk away with more complete knowledge of both products and doubtless have a much easier time choosing between them.

Before we begin, a quick definition. For those new to these products, IDS products monitor networks and systems for intrusions, malicious activity and policy violations.

Darktrace

Founded by cybersecurity experts and UK intelligence personnel at Cambridge University, Darktrace uses innovative tactics to combat cyberattacks. Leveraging AI-based machine learning, the Darktrace Enterprise Immune System and its new IDS product, Antigena, learn by analyzing an enormous amount of data and rely on probabilistic mathematics to determine the likelihood of an attack. Darktrace does not lean on rules, signatures or prior assumptions. For many, Darktrace is both a powerful and useful product.

The unique thing about Darktrace is that it is modeled on the human immune system. When it predicts that an attack is likely to occur, it releases its own form of antigens to slow down and deter attacks. Real-world examples of this can include identifying an attack route and slowing down the connection speed, switching off routes completely, marking specific content for subsequent investigations and quarantining systems, users and devices as the situation requires. From a functionality perspective, Darktrace Antigena will be able to handle most organizations’ IDS needs.

Recently, Darktrace unveiled Antigena v2. This new version includes an email module capable of blocking threats at the point of entry, autonomous response for email, network (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/kreB8gVu9LM/