The profile is currently unclaimed by the seller. All information is provided by CB Insights.

darktrace.com

Founded Year

2013

Stage

IPO | IPO

Total Raised

$232.3M

Date of IPO

4/30/2021

Market Cap

2.77B

Revenue

$0000 

About Darktrace

Darktrace is a provider of intelligence-led Behavioral Cyber Defense that uses mathematics to automatically detect abnormal behavior in organizations in order to manage risks from cyber-attacks. Unlike software that reads log files or puts locks on doors, Darktrace's approach allows enterprises to protect their information and intellectual property from state-sponsored groups, criminal groups or malicious employees who are already inside the networks of every critical infrastructure company.

Darktrace Headquarter Location

Maurice Wilkes Building, St John’s Innovation Park, Cowley Road

Cambridge, England, CB4 0DS

United Kingdom

+44 (0) 20 7930 1350

Expert Collections containing Darktrace

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Darktrace is included in 4 Expert Collections, including AI 100.

AI 100

99 items

Artificial Intelligence

8,694 items

This collection includes startups selling AI SaaS, using AI algorithms to develop their core products, and those developing hardware to support AI workloads.

Cybersecurity

5,058 items

Digital Health

12,795 items

Technologies, platforms, and systems that engage consumers for lifestyle, wellness, or health-related purposes; capture, store, or transmit health data; and/or support life science and clinical operations. (DiME, DTA, HealthXL, & NODE.Health)

Darktrace Patents

Darktrace has filed 41 patents.

The 3 most popular patent topics include:

  • Computer security
  • Cyberwarfare
  • Cyberattacks

Application Date

2/19/2019

Grant Date

7/27/2021

Title

Related Topics

Computer security, Cyberwarfare, Cybercrime, Computer network security, Cyberattacks

Status

Grant

Latest Darktrace News

How to Avoid Falling Victim to PayOrGrief's Next Rebrand

May 13, 2022

The group that shut down the second largest city in Greece was not new but a relaunch of DoppelPaymer.

In July 2021, the second largest city in Greece fell victim to a cyberattack orchestrated by an apparently amateur ransomware group. PayOrGrief appeared to have existed for just a couple of weeks when it broke through Thessaloniki's security systems. The group exfiltrated and encrypted numerous files before issuing a devastating $20 million ransom demand. Unsure of just how far the breach went, the municipality's security team was forced to shut down all of the Thessaloniki website's public-facing services and launch a full investigation into the breach before it could even consider whether to pay the immense ransom.

Spot the Difference: PayOrGrief and DoppelPaymer

It didn't take long for PayOrGrief to gain a reputation for disruption. Its use of double extortion ransomware tactics has proved effective in targeting organizations in all kinds of industries, including numerous manufacturers and municipalities like Thessaloniki. The novelty of PayOrGrief's operation made it easy for it to beat security tools based on historical attacks, particularly in those first few weeks.

Security experts had their suspicions, however, that PayOrGrief was more than the latest budding group to join the ransomware scene. Its attack playbook suggested experience. Further investigations more or less confirmed that PayOrGrief was not a new group but a rebrand of an older one called DoppelPaymer, which ended its operations in May 2021. With the new PayOrGrief moniker and a slightly shifted set of tactics, techniques, and procedures (TTPs), the group has seen success to the tune of over $10 million in ransom payments.

The success of the PayOrGrief rebrand demonstrates just how easily a group can obscure itself from the sight of tools based on historical data. Altering its TTPs allowed PayOrGrief to beat security tools, but these changes were far from substantial, and for analysts the DoppelPaymer playbook was still plain to see.

How PayOrGrief Orchestrates an Attack

This playbook was thrown open when, in July 2021, PayOrGrief targeted a European manufacturing company. The company in question had deployed Darktrace's self-learning artificial intelligence (AI) technology, which was continuously updating its understanding of the digital business and looking for anomalous behavior indicative of a threat. This technology was able to reveal the life cycle of PayOrGrief's attack.

PayOrGrief often begins its attacks with phishing emails containing fake updates or malicious documents through which it can inject malware strains like Dridex into target devices. In this case, four devices were compromised, likely by a single phishing campaign, and began to make command-and-control (C2) connections to several rare external IPs. These connections, encrypted with an invalid SSL certificate, were followed by a 50MB upload of data to the company's corporate server. With this escalated position, the attackers established keep-alive beacons and were then ready to begin the exfiltration stage of this double extortion ransomware attack.

Figure: AI-generated summary of the incident, showing the data exfiltration from a single device. (Source: Darktrace)

In just a few hours, over 100GB of data was exfiltrated via HTTPS to the file storage platform Mega. The attackers had targeted more than this, but the company's autonomous defenses stood in their way. Having recognized that this behavior was highly unusual in the context of the business' normal "pattern of life," the AI could have stopped the threat at its earliest stages had it not been mostly blocked from intervening by the company's configuration settings.

The AI took what limited action it had permission to and limited the scope of the data exfiltration. By detecting and blocking anomalous file activity, it obstructed some of the exfiltration efforts, while continuing to monitor those parts of the digital estate in which it couldn't take direct action.

The attackers continued to move laterally through the digital estate, using RDP and SMB for internal reconnaissance and exploiting administrative privileges and processes. And then, only 10 hours after the first compromised devices began making malicious connections, PayOrGrief deployed its ransomware. Encryption spread through the company, with an SMB write with the ".pay0rgrief" file extension seen on 137 devices.

Once again, the AI cybersecurity system was able to protect certain devices from anomalous file activities and narrow the scope of the attack considerably. Through each stage of the attack (including C2, lateral movement, internal reconnaissance, exfiltration, and encryption) the AI suggested actions to block specific connections and enforce devices' patterns of life in order to halt the threat without disrupting the business itself.

Stopping the Next Big Name in Ransomware

PayOrGrief is no longer an unfamiliar name, a fact that will now be reflected in the OSINT of many rules-based cybersecurity solutions. But if organizations continue with this approach, looking at historical attacks and playing continual catch-up with the latest ransomware strains and TTPs, they will always be vulnerable to whatever is coming next.

As the speed and efficacy of the DoppelPaymer rebrand demonstrate, focusing on the specificities of the attacker is a short-sighted solution. Businesses should instead adopt cybersecurity tools that stop threats regardless of whether they have been seen before. By continuously updating their understanding of how your business should behave normally, AI-driven solutions like Darktrace can piece together anomalies to detect emerging attacks and even take autonomous action to stop them.

That means no matter what they call themselves, or how they operate, attackers will be seen for what they are, and stopped.

  • When was Darktrace founded?

    Darktrace was founded in 2013.

  • Where is Darktrace's headquarters?

    Darktrace's headquarters is located at Maurice Wilkes Building, St John’s Innovation Park, Cambridge.

  • What is Darktrace's latest funding round?

    Darktrace's latest funding round is IPO.

  • How much did Darktrace raise?

    Darktrace raised a total of $232.3M.

  • Who are the investors of Darktrace?

    Investors of Darktrace include Ten Eleven Ventures, KKR, Vitruvian Partners, Summit Partners, Insight Partners and 7 more.

  • Who are Darktrace's competitors?

    Competitors of Darktrace include Source Defense, ActZero, SafeBreach, ExtraHop, Exeon Analytics and 9 more.

You May Also Like

Vectra Networks

Vectra Networks uses artificial intelligence to automate real-time cyberattack detection and response, from network users and IoT devices to data centers and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress.

Securonix

Securonix provides enterprises with a security analytics platform that uses Hadoop and machine learning technology to consume, enrich and analyze massive volumes of data to detect and prioritize the highest insider threat, cyber threat, cloud, and fraud attacks automatically and accurately. The company was founded in 2017 and is based in Addison, TX.

Cybereason

Cybereason develops software that aims to better track the actions of would-be cyber attackers. The Cybereason automated platform collects subtle clues by learning to discern anomalies and distinguish between the benign and pernicious. This data is then analyzed using Big data algorithms and proprietary knowledge enriched with external intelligence.

ExtraHop

ExtraHop provides real-time wire data analytics through the company's digital platform. The company's operational intelligence platform analyzes all L2-L7 communications, including full bidirectional transactional payloads.

SecurityScorecard

SecurityScorecard is an information security company focusing on third party management and IT risk management. SecurityScorecard provides a platform designed to rate cybersecurity postures of corporate entities through the scored analysis of cyber threat intelligence signals.

Forcepoint

Forcepoint safeguards users, data, and networks against the most determined adversaries, from accidental or malicious insider threats to outside attackers, across the entire threat lifecycle. Forcepoint protects data everywhere – in the cloud, on the road, in the office – simplifying compliance and enabling better decision-making and more efficient remediation.
