
Darktrace Launches Automated Cloud Forensics Tool to Slash Investigation Times

Say goodbye to lengthy cloud investigations. Darktrace's new tool captures evidence instantly, preserving volatile data and reconstructing attacker behavior in real time. It's a game-changer for security teams facing escalating cloud threats.

Darktrace, a leading AI cybersecurity company, has launched 'Darktrace / Forensic Acquisition & Investigation', a pioneering automated cloud forensics solution. This new tool aims to drastically reduce cloud investigation times, transforming response to complex, fleeting cloud workloads like containers and serverless functions.

The solution, now available, targets organizations struggling with lengthy cloud investigations. It captures and analyzes host-level evidence, including disk, memory, and logs, at the exact moment a threat is detected. This immediate evidence collection slashes investigation times from days to minutes.

Darktrace's new tool preserves volatile data and reconstructs attacker behaviour in real time, providing crucial context to daily investigations. It's the first fully automated cloud forensics solution in the industry, offering features like automated hybrid forensic capture and scalable response and reporting.

Attacks against cloud workloads are escalating, with sudden waves targeting tools like Jupyter Notebooks. Traditional log-based alerts often miss critical attacker behaviour such as lateral movement or privilege escalation in cloud environments. The new Darktrace solution addresses these challenges, helping organizations contain incidents faster. A recent survey revealed that nearly 90% of organizations suffer damage before containing cloud incidents due to slow investigation times.

Darktrace's 'Forensic Acquisition & Investigation' is now available, promising to revolutionize cloud threat investigations. By preserving volatile data, reconstructing attacker behaviour, and reducing investigation times, it equips security teams to respond swiftly and effectively to complex, ephemeral cloud threats.
