partner

Darktrace

Darktrace and Keysight: Self-learning AI for a lasting security advantage.

Thousands of customers worldwide rely on Darktrace and Keysight to strengthen their security posture and augment incident response across hybrid networks and clouds— and you can too. Our joint solution supercharges your cyber defense strategy with a powerful and lasting advantage amidst today’s ever-evolving threat landscape.

read the joint solution brief

Stopping novel threats in the age of AI. 

Achieve proactive cyber resilience across your stack.

The Darktrace ActiveAI Security Platform is designed for your Security Operations Center to eliminate alert triage, perform investigations, and rapidly detect and respond to known and unknown threats, whilst exposing risk gaps across your technologies and processes so your team can shift to a proactive cyber approach. The solution is built on Self-Learning AI that continuously trains from your ever-changing business data wherever it is deployed, with further enrichment from external threat intelligence and third-party alerting.

Darktrace lets security operations teams experience a new approach to visibility that keeps machine pace with the threat landscape, surfacing what is most important to your business.  

  • Apply AI algorithms and compute power across network, OT, cloud, email, applications, and your identities to develop a sophisticated understanding of your unique business data that saves time on integrations and vendor management.
  • Continuous real-time learning that changes its alerting criteria as your business grows and adapts to reduce necessary detection engineering.
  • Unlike some XDR solutions, we safeguard your data privacy by keeping the learning of your business separate from the learning of other enterprises. Darktrace’s models are distinct to you.
  • Chain anomalies together to reduce the time between detection and understanding.
read the success story

Not generative. Not generic. Purpose-built agentic AI for security.

Cyber AI Analyst™ mirrors the human investigative process, giving SOCs the equivalent of 30 extra analysts to accelerate investigations and focus on what matters.

Darktrace Cyber AI Analyst™ performs end-to-end investigations of thousands of anomalous or risky alerts and prioritizes the ones with the most potential to impact the business. Mirroring the human investigative process it can question data, test hypotheses, and reach conclusions for alert triage and incident investigations at machine speed and scale, effectively streamlining the alert triage and prioritization process. It performs SOC Level 2 quality investigations of any relevant alert and if findings are deemed important, an incident is typically raised with a complete analysis write-up and graph representation within 5 minutes. Cyber AI Analyst typically provides SOCs with up to 50,000 additional hours of Level 2 analysis and written reporting annually, enriching security operations by producing high level incident alerts with full details so that human analysts can focus on Level 3 tasks.

Keeping pace with evolving threats.

World-class detection is half the battle, but threat sophistication and volume is growing exponentially as attackers begin to harness AI. The ActiveAI Security Platform also provides Autonomous Response to stop threats in minutes. Real-time Autonomous Response stops unknown threats with surgical precision, keeping your business fully operational while buying your SOC valuable time. Keysight’s visibility solutions provide Darktrace with precisely the right data from hybrid networks and cloud to even more effectively utilize these solutions.

Delivering exactly the right data no matter the source.

Keysight’s intelligent visibility solutions complement the Darktrace platform with fast, easy access to all required traffic from your hybrid IT environment — networks, data centers, and private and public clouds. Network and virtual and cloud taps capture and send traffic to network packet brokers (NPBs) for advanced packet processing to speed and optimize utilization by Darktrace and other performance and security monitoring solutions.

We deliver pre-processed data to Darktrace for real-Time analysis.

Highlights include: 

  • Complete Easy Access: NPBs aggregate and process traffic from multiple taps (or SPANs) placed throughout the network  
  • Complete Visibility: into east-west traffic using virtual taps, & cloud traffic using CloudLens  
  • Traffic Grooming: Keysight visibility filters out unwanted monitoring data (duplicates, unnecessary packets, headers, etc.) before sending it to Darktrace and load balances traffic across multiple monitoring solutions to extend their use and value  
  • Seamless Integration: Keysight’s intuitive user interface and automation capabilities integrate seamlessly with Darktrace’s Immune System platform  
  • Active SSL Decryption: To speed analysis of decrypted traffic  

The joint solution delivers complete visibility of hidden and unknown cyber-threats across your entire digital infrastructure. Advanced intelligence and automation enable simplified deployment in any network environment with additional 1G, 10G, 40G, or 100G ports added easily as the business scale.

Darktrace and Keysight deliver an integrated solution for complete visibility to defend hybrid IT and operational technology (OT) infrastructures. Keysight’s intelligent network visibility equips Darktrace with precisely the right data from hybrid networks for use in improved, consistent threat detection and response.