iSYSTEMS Integration Ltd

Darktrace

Darktrace leverages AI to detect and respond to emerging cyberthreats in real time across the entire digital estate.

Features

• Darktrace Enterprise Immune System (EIS), Darktrace Network Detect and Respond
• Darktrace Antigena Network (AGN), Darktrace Respond, Passive Network Monitoring
• Darktrace Antigena Email
• Fully Customisable Self-learning AI Cyber Security Solution
• Autonomous Response and Automated Investigations
• Complete visibility across OT, IT, and IIoT
• SaaS Console
• Passive or Active asset identification
• Open architecture and one-click integrations

Benefits

• iSYSTEMS has the capability to design and implement this solution
• iSYSTEMS will scope and size free of charge
• Continuously adapts/learns as your organization changes detects novel threats
• Stops phishing and other email threats
• Offers visualization of threats in Microsoft365 and other cloud applications
• Passive or Active asset identification based on self-learning
• Evolving understanding of your digital infrastructure to take targeted action
• Darktrace AI uses its evolving understanding to take targeted action
• Enforces normal ‘pattern of life’, containing only the threat

£0 a transaction

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mick.cooper@isystemsintegration.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

705964345290047

Contact

Mick Cooper
07831 154 221
mick.cooper@isystemsintegration.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: No
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 4 Hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Darktrace provides remote assistance support for the Darktrace Products. In addition to the Standard; Support Services provided to all Customers, Customers have the flexibility to choose between different; Support Service Options listed below to address Customer’s specific needs.; Darktrace provides all Customers with the following Standard Support Services:; • Helpdesk; • Software Updates; • Hardware Support; Health Checks and System Diagnostics (requires Call Home to be active)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Dedicated Account Team and, consistently featuring Account Executive, Cyber Technologist and Customer Success Manager - complimentary on-site training sessions
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: If using physical appliance, full data wipe is carried out; If using cloud appliance, instance is deleted
• End-of-contract process: Access to UI terminated, data wipe occurs. If there is a physical appliance on the customer site it is returned to Darktrace

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile app allows users to view and manage alerts and response actions; The web interface provides more detailed logging and analysis tools, as well as configurtaion options
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Customer Portal
• Accessibility standards: None or don’t know
• Description of accessibility: N/a
• Accessibility testing: N/a
• API: Yes
• What users can and can't do using the API: Pull alert, device, system data and more using HTTP GET; Append information to the UI, such as new device tags, to acknowledge breaches or to edit device labels using HTTP POST
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Modify model sensitivity; LDAP integration; Subnet Labelling; Autonomous Response: Passive/Human Confirmation/Fully autonomous

Scaling

• Independence of resources: Each customer's deployment will utilise hardware and/or virtual appliances that are dedicated to that deployment. Deployment resources are not shared with other customers.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Darktrace

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Data is encrypted at rest. Darktrace appliances are encrypted via LUKS with keys stored on TPM using a 256-bit AES cipher and sha256 for key derivation. All hard drives have full disk encryption, except the boot hard drive, which contains a small unencrypted boot partition for starting up the appliance.
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: API; CSV; Alerting formats
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • CEF
  • LEEF
  • JSON
  • HTTP
  • Active MG
  • Jira
  • Email alerts all available
• Data import formats:
  • CSV
  • Other
• Other data import formats: Syslog log ingestion available

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: "Data is transmitted with TLS1.2+ (HTTPS, SMTPS, POPS etc), SSHv2, IPSec/DTLS with AES-128-GCM or; higher encryption. Weaker ciphers from the available suite are removed. SMBv3 is encrypted with AES-CCM; encryption. "
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Data is encrypted in transit, Data is transmitted with TLS1.2+ (HTTPS, SMTPS, POPS etc), SSHv2, IPSec/DTLS with AES-128-GCM or higher encryption. Weaker ciphers from the available suite are removed. SMBv3 is encrypted with AES-CCM encryption. Darktrace deploys it own products internally to monitor our networks. Firewalls are in place, IDS and IPS are implement on all network segments.

Availability and resilience

• Guaranteed availability: High
• Approach to resilience: Physical appliances have redundancy in built, with multiple HDD/SSDs.; ; A deployment can be setup with High Availability, utilising multiple master appliances.; ; Cloud master appliances will utilise AWS high availability architecture
• Outage reporting: Appliances are monitored through Darktrace NOC, to identify any hardware/software issues.; NOC alerts are distributed to contacts specified by the customer via Darktrace Customer Portal

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: GUI user accounts and permissions can be controlled, and also managed by AD group. ; ; Darktrace Customer Portal accounts can be configured as either Primary (full access), or Standard (limited access). Primary users will have control over other user accounts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI - British Standards Institue
• ISO/IEC 27001 accreditation date: 04/05/2022
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Darktrace, in line with its ISO 27001 certification, operates and maintains a wide array of policies and procedures such as Information security policy, Access control policy, Data destruction policy, etc.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Darktrace has a document change control program. All changes are risk assesed by approved change approvers and recorded for audit purposes
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Auto-updates enabled wherever possible. Important updates for other devices are rolled out ASAP, general updates at least monthly. Websites protected by anti-DDoS host. Monthly internal and external vulnerability scanning.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Darktrace utilises its own proprietary leading AI security technology, Enterprise Immune System and Antigena Email to learn normal patterns of life our internal and production environments to discover unpredictable cyber-threats, delivering complete visibility across our dynamic workforce, from cloud and collaboration tools to endpoints. Darktrace’s world-class SOC provides 24/7 monitoring/mitigation. Network activity is continuously monitored by the Darktrace EIS with full Antigena module enablement. AGE is also in place to monitor exchange traffic. Enterprise-grade endpoint security solutions are deployed throughout Darktrace fleet. Cloud environments are monitored through security modules for SaaS and Web proxy filtering is in place.
• Incident management type: Undisclosed
• Incident management approach: Incidents are raised to the Security Team. Business impact of the incident is assessed and if customer data is at risk, customers are notified within 24 hours. Evidence is collected and stored securely by the Security Team and accessed only by investigators. All investigators are independent of the incident itself. A formal incident report is written to determine the root cause, this is then reviewed to determine corrective or preventative actions.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  iSYSTEMS has grown rapidly over the past 12 months and has focused on building our team from the local area. Recruiting locally reduces the necessity for long commutes into the office. ; ; We also offer flexible working, allowing employees to work from home, utilising Teams to maintain face to face contact. Working from home more often reduces our carbon footprint and the need to use public transport. ; ; The iSYSTEMS office is almost completely paperless and we work with local suppliers as far as possible.
• Covid-19 recovery:

  Covid-19 recovery

  The COVID pandemic has changed the way we do things, iSYSTEMS has adapted our working practices to keep our employees healthy, safe and productive. ; ; Working from home more often, reducing the need to use public transport, ensuring the office environment is safe and COVID secure and making sure we stay connected has been our focus.
• Tackling economic inequality:

  Tackling economic inequality

  iSYSTEMS is committed to paying our staff a fair salary and being based just outside of London ensure all our employees wages exceed the London Living Wage. ; ; We offer several salary reviews throughout the year based on performance, with an increase after the satisfactory completion of the employees probation period and an annual salary review/increase.
• Equal opportunity:

  Equal opportunity

  We are building an inclusive and diverse team focusing on skills and added value to our business. As we grow, we are building our foundations and documenting our business processes to identify skills gaps.
• Wellbeing:

  Wellbeing

  Maintaining our culture is fundamental to our core values. We foster a collaborative team by holding cross department meetings and a range of social events to cement relationships. We regularly organise and / or contribute to joint campaigns with our partner organisations. iSYSTEMS supports a number of charities and in particular ex-military personnel. ; customers as well as offering pro-bono technology consulting. ; ; We have developed a close relationship with the Friends of PWRR Princess of Wales's Royal Regiment Benevolent Fund and have organised several fund-raising events including a charity football match between Princess of Wales's Royal Regiment and Millwall Legends at The Den, including ex England star Teddy Sheringham, as well as a very successful event called Party for Heroes (P4H). ; ; Our sister company iFORCE is made up exclusively of ex-Special Forces and Intelligences Services and we have close links with Brian Wood MC who regularly attends our events and shares his insights from his time in the military. Throughout the month of November, Brian completed his Ultimate Sacrifice Challenge - Walking With The Wounded Brian Wood- Ultimate Sacrifice Challenge - Walking With The Wounded, where he dedicated every mile to one of our fallen soldiers from the Iraq and Afghanistan conflicts - 26 miles per day for 25 days, totalling 635 miles. iSYSTEMS supported Brian’s endeavours and was a major contributor and corporate sponsor.; ; We are considering various initiatives in 2022 including apprenticeship schemes, advance training and further staff benefits that do not cost the company very much but have a huge impact on our employees.

Pricing

• Price: £0 a transaction
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Darktrace's pricing model is driven by the number of unique Ips the AI covers, it is completely bespoke and pricing is available on request from iSYSTEMS.; ; Darktrace's Proof of Value allows organisations access to the entire AI Platform to showcase the technology over a 30 day period.
• Link to free trial: https://www.darktrace.com/en/resources/ds-pov.pdf

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mick.cooper@isystemsintegration.com. Tell them what format you need. It will help if you say what assistive technology you use.