Show:
/Products
/Deployment
/Data
/AI Analyst+More
/Potpourri
100

What is Darktrace’s false positive rate?

The term ‘false positive’ is representative of legacy tools that label alerts as good or bad and rely on rules and signatures, whereas Darktrace’s approach looks for anomalies and not known malicious indicators.

While not all anomalies will be malicious, all malicious activity will be anomalous.

100

How does Call Home work?    

To enable Call Home, customers must allow the appliance to connect outbound over port 443 to Darktrace’s secure cloud environment.
This is a secured, tunnelled & encrypted connection usingHTTPS with SSL wrapping so no third party can access it, and always remains under the control of the end user.

100

What do you do with our data after a POV?

-If prospects choose to move forward with Darktrace, the data rolls over nicely to kickstart Darktrace AI’s understanding of your environment.
-If prospects choose not to move forward directly follow- ing the Darktrace POV, any end user data that has been collected is securely removed from the appliance.

100

Can the AI Analyst look at other data sources to improve its investigations?

 

Cyber AI Analyst can also be integrated with tools across your security stack & workflow, allowing investigations to be enhanced and triggered based on data from third-party sources such as CrowdStrike or Carbon Black.

100

When/Where was Darktrace founded?

June 10, 2013, Cambridge, United Kingdom

200

Do I have control over the autonomous response?

Yes, RESPOND only takes action on high-confidence threats that have been detected by Darktrace’s Self-Learning AI.

For this reason, we invite customers to build trust with the technology by deploying RESPOND in three modes:Passive, Human Confirmation mode and fully autonomous.

200

We will probably run a pen test during the trial, what does that mean for you and the Darktrace team?

This can be a great way to evaluate the power and visibility of Darktrace. That being said, it must be understood that Darktrace will only provide insights into the pen test activities that occur within the scope of the POV deployment.

200

How long does the Darktrace appliance hold event logs?

3-6 months

200

How is Darktrace priced?


Network, OT and endpoint coverage is priced per device, and Email and SaaS coverage per user.
Cloud is per workload.

200

Name 3 AI tools like Chat GPT:

-Google Gemini
-Microsoft Copilot
-Claude
-Deepseek
-Perplexity

300

How long is the learning period for the AI in a POV?

7-10 Days

300

Can I trial Darktrace in a test environment or use previously stored data?

These environments usually do not generate enough volume of data to be interesting. There may be a special case where we can ingest previously stored data, but this is non-standard and doesn’t allow for real-time modeling and detection.

300

How long does the Darktrace Appliance hold Advanced Search Data?

30-days on average

300

What type of math/machine learning does the Cyber AI Analyst use?

    

The Cyber AI Analyst uses a range of supervised, unsupervised, and deep learning techniques, as well as advanced mathematics, to conduct its analysis.

300

When is the next security software update required by?

2/11/25- Get ahead of it!
macOS Sonoma — 14.7.3
macOS Sequoia  — 15.3 – only for those users who have been directly asked to upgrade by IT
iOS 17 — 17.7.4 or
iOS 18 — 18.3

400

How does Darktrace deal with ransomware?

Encryption is only the last stage of ransomware. Before that stage, the attacker has to:
-infect-move laterally-escalate privilege-stage data for exfiltration

At each of these stages, Darktrace can identify the subtle deviation in normal behavior and disarm it.

400

What if Darktrace is installed into a compromised network?

Most of our new customers encounter pre-existing concerns when they deploy Darktrace. The AI does not look at each de- vice in isolation, it compares devices and users to their peers.


400

How long does the Darktrace appliance hold PCAPs (packet captures)?

Available for up to a week.

400

What is Darktrace/Email analyzing?

Darktrace understands:
-what language is used
-who is normally copied in
-what links are being shared
-how often people communicate
-what time they send emails as well as so much more.

400

Finish this sentence: no champion, ______.

No deal

500

How does Darktrace scale?

                                                                       

Scalability is one of our differentiators and we’re well known in the industry for enabling a seamless journey for customers as they deploy and extend their platform. Sensors, appliances, APIs 

                                                       

500

How would darktrace deploy in the following environment?
-10 VMs with V-switch
-100 Exchange Online Emails
-200 Network devices

1 (s) appliance, API, v-sensor 

500

How long does the Darktrace Appliance hold on to model breach records?

Around 1 year.

500

How does Darktrace RESPOND work? (Email, Network, Cloud)

Darktrace/Email we can: hold emails remove harmful links, or suspect attachments from potentially malicious email.
Darktrace/Cloud+network we can: block specific connections, enforce a user or a device’s normal business operations

500

Typically used to gain access to the Dark Web, what does TOR stand for?

The Onion Router