Visualizing Vulnerabilities and Risks with AI to Prevent Attacks Autonomously

Makoto Suzuki of Darktrace Japan proposes a new vision of security, which he calls the "Cyber AI Loop". The goal of this approach is to fully automate security countermeasures by deploying a self-learning AI that provides continuous, uninterrupted feedback to enable autonomous prevention, detection and response to cyberattacks, including the possibility of self-healing in the future.

Building on its existing strengths in autonomous detection and response, the company officially entered the 'prevention' space in August 2022 with the launch of Darktrace PREVENT, a product that uses AI to automate attack surface management and vulnerability identification. Its two functions are Attack Surface Management (ASM) and End-to-End (E2E).

ASM visualizes an organization's information systems and vulnerabilities on the Internet from an attacker's perspective. There is no need to enter IP ranges or other technical details; simply enter a domain or brand name and the AI will keep you constantly informed of external attack risks (e.g. phishing sites) that may be 'impersonating' your organization. E2E offers five solutions to mitigate internal risks, including identification (via AI) of devices that are potential attack vectors and specific personnel who need security training, as well as 24/7 penetration testing.

By trying to get a concrete picture of how systems are being used, information about the company's own sites and external phishing sites uncovered by ASM can first be reviewed graphically in the form of a correlation chart for specific assets. Information about the company's vulnerabilities can also be easily reviewed on the main screen. Detailed information about vulnerable assets includes the reasons for the high risk, as well as "the estimated ultimate risk if the asset is attacked and the current countermeasures required", according to E2E.

All of these products, including Darktrace PREVENT, are available with a free one-month trial.