Cyber Defense with AI and Passive Network Monitoring

Cyber defense with AI and passive network monitoring

Schiffl IT: Identifying anomalies in network traffic and systems in real time.

Schiffl IT is strengthening the security of its corporate customers by implementing the AI-supported cyber security solution Darktrace as a managed service. The AI-supported security solution is able to identify anomalies in a company’s network traffic and systems in real time and intervene before a security incident occurs. This is made possible by the AI’s autonomous response process: autonomously and comprehensively, adaptive algorithms develop an understanding of which behavioral patterns and processes are normal within a data system or network and whether deviations or violations occur. This enables the AI to detect potential threats and suspicious activities and defend against them efficiently, even if attack techniques change or evolve.

Invisible protection against cyber threats

For Hermann Behnert, Managing Director of Schiffl IT, the aspect of passive monitoring is also decisive for the use of Darktrace: “The solution enables us to analyze network traffic, while it itself is only a passive part of the network. This means that the presence of our defensive activities goes unnoticed by potential attackers. By pre-filtering conspicuous events, the AI component significantly reduces false alarms, allowing our cyber security experts to focus on the really important anomalies. From our point of view, this security architecture is an eminent advantage, especially with regard to current AI developments, because the security system itself is now also protected against attacks.”

Darktrace integration in the SOC

With its certification as a managed security service provider for Darktrace, Schiffl IT has further expanded the Security Operations Center (SOC) for its customers: Schiffl IT fully handles cyber attacks that Darktrace detects as part of the managed service. The management of the integrated cloud solution is structured in such a way that the SOC has insight into and access to the AI’s activities at all times.



Read also : Homemade Ransomware