Machine learning cybersecurity firm Darktrace PLC today announced a new solution that provides comprehensive visibility of cloud architectures, real-time cloud-native threat detection and response, and prioritized recommendations and actions to help security teams manage misconfigurations and strengthen compliance.

The new Darktrace/Cloud solution, based on a unique self-learning artificial intelligence, has been designed to address the issue wherein over 99% of cloud breaches are based on customer errors, account takeovers and misconfiguration.

Darktrace argues that as cloud environments constantly change, maintaining visibility and keeping up with misconfigurations makes risk and compliance difficult for security professionals. Added to the mix is the rise of cloud-native technologies, including containers, Kubernetes and microservices, which also present new challenges for detecting and responding to known and novel threats.

The new capabilities in Darktrace/Cloud available today include comprehensive visibility and architecture modeling for insights into the changing nature of cloud environments. The visibility is constructed dynamically from configuration, network, users, identity and access management data. Darktrace establishes patterns of life for cloud resources, identities, and services to understand who has access to what and how.

The new release includes universal attack path modeling that provides a dynamic view of where attackers may look to move next. Darktrace combines real-time cloud data and a deep understanding of a cloud environment with a platform approach that provides insights about risks from other covered areas of the business, such as network and email, to highlight potential attack paths and prioritize important assets to secure.

Real-time and cloud-native threat detection and response in the release provides a dynamic view of known and novel threats within the cloud, the company says. The service combines deep cloud attack path knowledge with real-time anomaly and threat detection through cloud-native autonomous response actions.

The service offers prioritized cloud posture management, including examining cloud configurations against common compliance frameworks. Where misconfigurations are detected, Darktrace provides a prioritized view of what to fix first, based on a risk profile generated from security and business context.

Other features include cost discovery to provide a better understanding of cloud resource allocation, enhanced communication and collaboration capabilities to streamline workflows between security and DevOps teams and flexible deployment options.

Deployment options include an agentless deployment by default so organizations can be up and running in minutes. Teams have access to a dynamic architectural view and risk context to decide where to deploy agents for enhanced real-time actions and deeper inspection.

“Our Self-Learning AI continuously learns patterns between workloads, assets, policy configurations and identities to provide a dynamic view of cloud architectures,” said Chief Technology Officer Jack Stockdale. “We analyze the entire cloud stack from data to control plane, combining an understanding of architecture and network with a new flexible, scalable deployment model.”

Photo: London Stock Exchange/X