Darktrace is the world’s leading machine learning company for cyber security, having developed AI algorithms that mimic the human immune system to defend enterprise networks of all types and sizes. Installed as a self-configuring cyber defense platform, Darktrace® continuously learns what is “normal” for all devices and users, updating its understanding as the environment changes. 

The solution works by passively analyzing raw network traffic across the digital enterprise and continually making probabilistic judgments about what is normal or abnormal behavior. In doing so, Darktrace creates an evolving understanding of the ‘pattern of life’ of every device and user, as well as each network and subnet.

Device Information

| Entity | Particulars |
| --- | --- |
| Vendor Name | Darktrace |
| Product Name | N/A |
| Type of Device | Hosted |

Collection Method

| Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method |
| --- | --- | --- | --- |
| Darktrace | DARKTRACE | Syslog - JSON | CyberHub |

Port Requirements

| Source | Destination | Port |
| --- | --- | --- |
| Darktrace | CyberHub | 601 (TCP) |

To facilitate secure communication and align with our best practice, we strongly encourage the use of Transport Layer Security (TLS) between your security devices and our Adaptive MxDR platform for event forwarding.

...

In some cases, the upgraded version of the device might incorporate TLS support without prior notice. If you come across such a scenario, or need further assistance in configuring TLS, please reach out to your dedicated Adaptive MxDR Service Delivery Lead.

Device Configuration

Configuration steps for version 5.2 and above:

  1. Log in to Darktrace Threat Visualizer and navigate to the System Config page (Main menu > Admin).

...

  2. From the left-side menu, select Modules, then navigate to the Workflow Integrations section and choose Syslog.

...

  3. A window with four tabs will open: a Status tab that lists existing configurations per Syslog server, and an individual tab for each Syslog format. The Status tab may not be present if there are no existing configurations.

...

  4. Select the Syslog JSON tab; existing configurations using that format will be listed by destination server.

...

Parameters required from customer for Integration.

| Property | Default Value | Description |
| --- | --- | --- |
| IP Address | Darktrace interface IP address | Hostname or IP address of the device which forwards logs to the CyberHub |