Darktrace to Acquire Cybersprint to Advance Cybersecurity AI
Darktrace this week announced it has agreed to acquire Cybersprint B.V., a provider of a tool that employs machine learning algorithms to surface vulnerabilities that cybercriminals might exploit, via a deal valued at $53.7 million.
Nicole Eagan, chief strategy and artificial intelligence (AI) officer for Darktrace, said the attack surface data gathered via the Cybersprint AI technology will enrich the existing Darktrace Detect and Respond solution. That solution uses machine learning technologies to discover anomalies indicative of cyberthreats and then quarantine those threats in real-time.
The Darktrace platform is based on attack path modeling and graph theory that represents organizational networks as directional, weighted graphs with nodes where multiple lines meet and edges where they connect. A weighted graph can be used to identify the path of least resistance to key assets to estimate the probability that an adversary will be able to conduct successful lateral movement from node A to node B. That capability provides a realistic assessment in real-time of both the attack patterns that will be employed against an organization’s most critical assets, noted Eagan.
Armed with those insights, it then becomes feasible to run simulations of those attacks using the Darktrace platform, she added.
The Cybersprint platform provides organizations with an alternative to hiring external security professionals to conduct penetration testing. Rather than conducting those tests once or twice a year, Eagan noted the Cybersprint approach enables organizations to continuously scan their environments for vulnerabilities. That’s critical because IT environments today are more dynamic than ever and render most penetration testing reports outdated within a few days of being filed, she added.
In effect, the acquisition of Cybersprint extends Darktrace’s goal to provide a continuous cybersecurity AI loop based on machine learning algorithms that learn the IT environment they protect.
It’s not clear to what degree cybersecurity teams are embracing AI just yet. However, as attacks increase—both in terms of volume and sophistication—AI technologies provide a way to augment chronically understaffed cybersecurity teams. In fact, as IT environments become more extended it’s unlikely cybersecurity teams will be able to defend every attack surface without the aid of machine learning algorithms.
Naturally, it’s not likely AI will replace the need for cybersecurity professionals any time soon. They will, however, go a long way to rebalancing a playing field that is decidedly tilted in favor of today’s cybercriminals that only need to find and exploit one weakness to be successful.
Regardless of how cybersecurity evolves, it’s now more a question of the degree to which AI will be employed rather than if. It may take a while for machine learning algorithms to learn an IT environment and become truly effective. Nevertheless, those algorithms never get tired, take a day off, quit to take a better offer or, just as critically, never forget something once it’s been learned. In that regard, they may soon become indispensable.
