Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Focus: AI-powered threat detection and response
Funding: $230 million
Founded: 2013
U.K-based Darktrace is among the first vendors to apply artificial intelligence (AI) and machine learning (ML) approaches to detect and respond to cyberthreats across enterprise network, cloud, e-mail, and endpoint environments. The company has described its products as using unsupervised ML to essentially baseline normal behavior for every user and device in an organization and to monitor for anomalies potentially indicative of a cyberthreat.
Darktrace's technology portfolio includes an AI-enabled product for detecting known and unknown threats on enterprise and industrial networks, an autonomous response technology designed to respond to in-progress attacks, and an AI-powered investigative tool designed to automatically triage, interpret, and report on security incidents.
Darktrace, which says it has 4,700 enterprise customers, went public earlier this year with an IPO on the London Stock Exchange; it currently has a market cap of around $2.3 billion.
Omdia's Parizo says Darktrace stole a march on rivals by being among the first to employ AI/ML models to threat detection and response. The company has beefed up its response capabilities in recent years with its Antigena autonomous response technology for enterprise, SaaS, and email environments, Parizo says.
"Darktrace is said to be stronger in the midmarket than in high-end enterprises," he says. "Competitors such as Vectra and others have been catching up," he adds.
Image: Darktrace
Focus: Managed threat prevention service
Funding: $23 million
Founded: 2016
Trinity Cyber's technology — offered as a managed security service — is essentially an intrusion prevention system on steroids. It operates as a bidirectional man-in-the-middle proxy between an organization's network and the Internet. It works by inspecting incoming and outbound traffic for signs of malicious activity and offers organizations multiple options for responding to detected threats. For example, in addition to simply blocking malicious files, the service allows organizations to alter or replace them to impede adversaries or to fool them into thinking an attack is working.
Trinity's founder, Steve Ryan, is a former deputy director of the NSA's Threat Operations Center. Tom Bossert — former US Homeland Security advisor to the White House in the Trump administration and co-author of the "2007 National Strategy for Homeland Security" — is president of the startup. The company secured $23 million in a funding round led by Intel Capital in 2019. In September 2020, Gartner listed Trinity as a "cool vendor" in the network and endpoint security space for the way in which the company's managed service "sanitizes traffic in flight."
"Seemingly a hybrid between a scrubbing service and a 'man in the middle,' Trinity Cyber provides an internet-based service where network traffic invisibly transits high-throughput data centers where malicious content is actively replaced with benign content from full bidirectional network sessions," Gartner said.
Because the service only inspects traffic traversing the internal network boundary and the Internet, it is not a fit for use cases such as detecting insider threats or lateral movement, the analyst firm noted.
Image: Trinity Cyber
Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
Tweet This
