DarkLight™ is a next generation cybersecurity analytics and automation platform.

Driven by artificial intelligence (AI), it's a force multiplier which leverages the reasoning, knowledge, and experience of security analysts to deliver human-quality results, at scale.

What does it do?

freepik-mod-10960-NN4RDT.jpg
[fa icon="fighter-jet"]

Force Multiplier

Adding DarkLight is like adding virtual analysts to your team. With DarkLight doing the heavy lifting, the analyst can focus on hunting the most serious 1% of threats.

[fa icon="code-fork"]

Deploys without Disruption

Deploying DarkLight complements your existing procedures and is easily adapted to your people, process and enterprise technology. 

[fa icon="tachometer"]

Reduces Incident Response Times

Threat detection and response can take from 12-24 hours in some organizations. DarkLight can reduce this process to only minutes.

[fa icon="users"]

Captures Unique Enterprise Knowledge

DarkLight augments the deductive and investigative skills of the analyst by enabling them to easily create ontologies and embed their own expertise, specific to the needs of their enterprise. 

[fa icon="suitcase"]

Accelerates Onboarding

DarkLight encodes enterprise knowledge of expert analysts, reducing the time it takes to improve the skills of junior analysts and train those new to your organization.   

[fa icon="fire-extinguisher"]

Mitigates New Threats Quickly

DarkLight can trigger enterprise security apps to orchestrate an automated response, or call for further analyst investigation.

Why is it Different?

1

"WORKS & THINKS" LIKE AN ANALYST

By automating human cybersecurity analyst expert knowledge and work habits, DarkLight can infer facts and identify anomalous activity or events that would otherwise only be obvious to a team of security analysts.

2

CUTS ANALYSTS TIME TO LEARN

Capture and retain the best practices and techniques of the most senior analysts to speed onboarding and make the whole team more effective.

3

DESCRIPTION LOGIC REASONING with SEMANTIC GRAPH ANALYTICS

Unlike all other workflow-driven or machine learning-based automation tools, this patented approach more effectively models normal and abnormal user and network behavior.

4

BUILT BY ANALYSTS FOR ANALYSTS

Evolved from more than four years of R&D inside one of America's top national research labs initially as a "person of interest" reasoning system, analysts working in national security designed DarkLight to give fellow analysts a remarkable tool to combat cyber crime.

5

HUMAN-QUALITY DATA ANALYTICS AT SCALE

At the core of DarkLight is the Programmable Reasoning Object℠ or PRO℠ which can find correlations and patterns between data sets — rapidly evaluating thousands or millions of events.  

How Does it Work?

Next Generation UBA with real-time detection

For most enterprises, cybersecurity has become a big-data analytics challenge.  The sheer volume of alerts overwhelms even the most efficient Security Operation Centers.  Our proprietary approach uses Description Logics (DL) and Semantic Graph analytics to process massive data streams and highlights actionable events.

Feeds from security appliances, network monitoring systems, SIEM and any other enterprise data source are normalized as they are brought into DarkLight.   Because the analyst has encoded his unique methods and contextual knowledge of the organization into the Description Logics inference engine, it acts as his "virtual analyst" -- but at scale.

DarkLight automates the attribution and correlation of these system, sensor, event, appliance, and user activity logs and separates actionable threats for an orchestrated response or further analysis.

Learn More
Contact an Expert