Servizi in Rete detects cyber-security threats in real-time using unsupervised machine learning to classify every action in the network

"Founded in 2006, Servizi in Rete works with hundreds of local distributors and larger companies across Italy, providing a range of services and products. From phone top-up cards and parking cards for local tobacconists to intranet management services for established corporations."

"Servizi in Rete was looking to safeguard sensitive business and customer data, detect insider threat, overcome limitations of legacy tools, incomplete network visibility With Darktrace’s ‘immune system’ technology, Servizi in Rete is now able to monitor all devices and users on its network and can detect emerging cyber-attacks in real time, even from inside sources, while there is still time to act. The Threat Visualizer, Darktrace’s 3D graphical interface, provides Servizi in Rete with 100% network visibility and presents alerts enabling its security team to dig deeper into specific activities and connections with the outside world that may be suspicious and indicative of cyber threat. “Darktrace’s interface is very easy-to-use and simple to navigate for all levels of user,” said Massimo Salierno, CIO, Servizi in Rete. Servizi in Rete also benefits from weekly Threat Intelligence Reports (‘TIRs’), produced by Darktrace’s expert analysts. "

Recursive Bayesian Estimation "Both internal and external parties usually exhibit distinct behaviors before engaging in malicious acts. A contractor logging on at an unusual time, groups of files being aggregated, or an unusual volume of email traffic." "Built on a foundation of Bayesian mathematics and unsupervised machine learning, the system analyzes complex network environments to learn a ‘pattern of life’ for every network, device, and user. Advanced machine learning techniques then correlate patterns in network traffc to detect previously unknown threats and automatically defend networks with digital ‘antibodies’. " " L1-regularized regression model – also known as the lasso method – to a family of sparse ‘structured’ regression models. This allows for the discovery of true associations between linked malware, C2 events (inputs), and data egress (outputs), efficiently solving convex optimization problems to yield parsimonious models"

"To learn ‘normal’ for a network, the Enterprise Immune System identifes naturally occurring groups of devices and behaviors — a task that would be impossible to do manually. Darktrace then employs advanced clustering methods to analyze network behavior in terms of similar devices on the same network. This generates a picture of ‘normal’ without reference to external data and without human interference. While traditional systems adopted a binary approach, Darktrace accepts the inevitable ambiguity of such data. The Enterprise Immune System recognizes that behavior isn’t merely ‘malicious’ or ‘benign’. By correlating a broad range of factors, like server access, timing, and data volumes, Darktrace intelligently ranks threat. This simultaneously allows organizations to prioritize the most serious threats, and eliminates the problem of false positives. Equally important is the task of learning the unique topology of intricate network structures. To achieve this, the Enterprise Immune System utilizes iterative matrix methods that reveal relationships between network features. In conjunction, Darktrace uses an innovative application of models from statistical physics to map a network’s ‘energy landscape’ and reveal potentially anomalous substructures. A further problem lies in how to handle the huge number of variables involved in modeling the high-dimensional structure of complex network environments. In the observation of packet traffc and host activity within an enterprise LAN or WAN, where both input and output can contain millions of inter-related features, learning a sparse and consistent predictive function is challenged by a lack of normal distribution."

According to DarkTrace: * Real-time threat detection * Ability to monitor all users and devices on its network * 100% network visibility