Central Networks and Technologies Ltd
Darktrace Cyber Security
Darktrace leverages AI to detect and respond to emerging cyberthreats in real time across the entire digital estate.
Features
- Selflearning continuously adapts, learns as you change, detects threats
- Autonomous Response understanding your digital infrastructure to only target threats
- Automated investigations AI Analyst is trained on expert human behaviors.
- Antigena Email stops phishing and other email threats
- SaaS Console visualization of threats in Microsoft365 other cloud applications
- Passive or Active asset identification based on self-learning AI
- Stops threats at the IT layer before they reach critical
- Open architecture and one-click integrations
Benefits
- Selflearning continuously adapts, learns as you change, detects threats
- Autonomous Response understanding your digital infrastructure to only target threats
- Automated investigations AI Analyst is trained on expert human behaviors.
- Antigena Email stops phishing and other email threats
- SaaS Console visualization of threats in Microsoft365 other cloud applications
- Passive or Active asset identification based on self-learning AI
- Stops threats at the IT layer before they reach critical
- Open architecture and one-click integrations
Pricing
£3 to £8 a unit a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at sales@centralnetworks.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
9 2 6 7 4 5 9 8 5 6 6 8 5 2 0
Contact
Central Networks and Technologies Ltd
John Blackburn
Telephone: 01706747474
Email: sales@centralnetworks.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
- None
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 4 Hours responce SLA
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Darktrace provides remote assistance support for the Darktrace Products. In addition to the Standard
Support Services provided to all Customers, Customers have the flexibility to choose between different
Support Service Options listed below to address Customer’s specific needs.
Darktrace provides all Customers with the following Standard Support Services:
• Helpdesk
• Software Updates
• Hardware Support
Health Checks and System Diagnostics (requires Call Home to be active)" - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Dedicated Account Team and, consistently featuring Account Executive, Cyber Technologist and Customer Success Manager - complimentary on-site training sessions
Online customer portal with training materials and videos - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
-
If using physical appliance, full data wipe is carried out
If using cloud appliance, instance is deleted - End-of-contract process
- Access to UI terminated, data wipe occurs. If there is a physical appliance on the customer site it is returned to Darktrace
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
The mobile app allows users to view and manage alerts and response actions
The web interface provides more detailed logging and analysis tools, as well as configurtaion options - Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- Customer Portal
- Accessibility standards
- None or don’t know
- Description of accessibility
- N/A
- Accessibility testing
- N/A
- API
- Yes
- What users can and can't do using the API
-
Pull alert, device, system data and more using HTTP GET
Append information to the UI, such as new device tags, to acknowledge breaches or to edit device labels using HTTP POST - API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Modify model sensitivity
LDAP integration
Subnet Labelling
Autonomous Response: Passive/Human Confirmation/Fully autonomous
Scaling
- Independence of resources
- Each customer's deployment will utilise hardware and/or virtual appliances that are dedicated to that deployment. Deployment resources are not shared with other customers.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Darktrace
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Other
- Other data at rest protection approach
- Data is encrypted at rest. Darktrace appliances are encrypted via LUKS with keys stored on TPM using a 256-bit AES cipher and sha256 for key derivation. All hard drives have full disk encryption, except the boot hard drive, which contains a small unencrypted boot partition for starting up the appliance.
- Data sanitisation process
- No
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
-
API
CSV
Alerting formats - Data export formats
-
- CSV
- Other
- Other data export formats
-
- JSON via API
- CEF
- LEEF
- HTTP
- Active MG
- Jira
- Email alerts
- Data import formats
-
- CSV
- Other
- Other data import formats
- Syslog log ingestion available
Data-in-transit protection
- Data protection between buyer and supplier networks
- Other
- Other protection between networks
-
Using a physical master appliance, all data is stored on customers site no external storage. Using a call home functionality that enables Darktrace to run diagnostics and provide update to its own appliance. Darktrace appliance will make encrypted outbound SSH connection to DarktraceHQ. Under your control, easily disabled within appliance’s interface or blocked by other security devices
Both sides of the connection enforce the correct pre-configured keys, which are unique for customer
Connection is encrypted using AES128CTR cipher
DarktraceHQ only permits connection attempts from the customer’s nominated IP
The connection terminates in Call Home host dedicated solely to the customer - Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- Weaker ciphers from the available suite are removed. SMBv3 is encrypted with AES-CCM encryption. Darktrace deploys it own products internally to monitor our networks. Firewalls are in place, IDS and IPS are implement on all network segments.
Availability and resilience
- Guaranteed availability
- High
- Approach to resilience
-
Physical appliances have redundancy in built, with multiple HDD/SSDs.
A deployment can be setup with High Availability, utilising multiple master appliances.
Cloud master appliances will utilise AWS high availability architecture - Outage reporting
-
Appliances are monitored through Darktrace NOC, to identify any hardware/software issues.
NOC alerts are distributed to contacts specified by the customer via Darktrace Customer Portal
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Username or password
- Other
- Other user authentication
- LDAP integration can be configured, allowing users to authenticate with AD credentials
- Access restrictions in management interfaces and support channels
-
GUI user accounts and permissions can be controlled, and also managed by AD group.
Darktrace Customer Portal accounts can be configured as either Primary (full access), or Standard (limited access). Primary users will have control over other user accounts. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Username or password
- Other
- Description of management access authentication
-
LDAP integration can be configured, allowing users to authenticate with AD credentials
2FA is enforced for access to Darktrace Customer Portal
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI - British Standards Institue
- ISO/IEC 27001 accreditation date
- Re certified in 04/05/2022
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Darktrace, in line with its ISO 27001 certification, operates and maintains a wide array of policies and procedures such as Information security policy, Access control policy, Data destruction policy, etc.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Darktrace has a document change control program. All changes are risk assesed by approved change approvers and recorded for audit purposes
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Auto-updates enabled wherever possible. Important updates for other devices are rolled out ASAP, general updates at least
monthly. Websites protected by anti-DDoS host. Monthly internal and external vulnerability scanning." - Protective monitoring type
- Undisclosed
- Protective monitoring approach
-
Darktrace utilises its own proprietary leading IA security technology, Enterprise Immune System and Antigena Email , to learn normal ‘patterns of life’ our internal and production environments to discover
unpredictable cyber-threats, delivering complete visibility across our workforce, from cloud and collaboration tools to endpoints. Darktrace’ss SOC provides 24/7 monitoring and mitigation. Network activity is continuously monitored by the Darktrace EIS with full Antigena module enablement. AGE is also in place to monitor exchange traffic. Enterprise-grade endpoint security solutions
are deployed throughout the Darktrace fleet. Cloud environments are monitored through security modules for SaaS and Web proxy filtering is in place. - Incident management type
- Undisclosed
- Incident management approach
-
Incidents are raised to the Security Team. Business impact of the incident is assessed and if customer data is at risk, customers are notified within 24 hours. Evidence is collected and stored securely by the Security
Team and accessed only by investigators. All investigators are independent of the incident itself. A formal incident report is written to determine the root cause, this is then reviewed to determine corrective or
preventative actions
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Equal opportunityEqual opportunity
Our Social Value Policy is Available on request more information can be found on our website
Pricing
- Price
- £3 to £8 a unit a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Darktrace's Proof of Value allows organisations access to the entire AI Platform to showcase the technology over a 30 day period.
- Link to free trial
- https://www.darktrace.com/en/resources/ds-pov.pdf
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at sales@centralnetworks.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.