Darktrace/Apps use cases

Understanding your users

Darktrace/Apps is built around understanding your users’ normal behaviors. See how specific threats can lead to breaches.

Account Hijack

Whether through credential harvesting, password spraying, or a data dump on the Dark Web, attackers can compromise cloud accounts through various means. Once they do, they have access to all of the account owner's data and communications.

Darktrace/Apps reveals account takeovers from multiple unusual signals at the login stage or immediately after.

DARKTRACE - Better Together

Even better when deployed with:

Nuvem

Apps

Sample analysis of Darktrace/Apps

Every threat is different, but here are some unusual patterns Darktrace/Network might assess when revealing this type of attack:

Unusual SaaS Administrative Login

Unusual S3 Resource Modification

Multiple Failed Login Attempts

Unusual Time or Location for Login

Unusual Login Source for Key User

Ameaça interna

While most cloud application security tools assume trust when a known user logs in, Darktrace shines a light on threatening or pernicious activity undertaken by careless or malicious insiders.

Sample analysis of Darktrace/Apps

Insider threat comes in many forms, but here are some examples of activity Darktrace/Apps might detect:

Unusual S3 Resource Creation

Unusual SaaS Sensitive File Access

Large Volume of SaaS Downloads

Unusual S3 Resource Modification

Unusual S3 File Download