AI Meets Active Cyber Defense and         Trusted Information Sharing

Leveraging automation to enhance the effectiveness of human defenders

Definition

What is Active Cyber Defense?

What is Active Cyber Defense?

Active Cyber Defense (ACD) is "an organization’s synchronized, real-time capability to discover, detect, analyze, and mitigate threats and vulnerabilities within their cyber defense ecosystem".

DarkLight supports each phase of ACD by synchronizing and automating sensing, sense-making, decision-making, and acting capabilities.  ACD is the cyber equivalent of the OODA Loop (Observe, Orient, Decide, Act) developed by military strategist and United States Air Force Colonel John Boyd. 

In warfare with photons and electrons, the observe, orient, decide and act cycle, or OODA loop, will be pulled into a knot and it will be so tight that people cannot be inside of it. We need...AI that we understand and can train."

—Dr. William Roper, Director, Strategic Capabilities Office of the OSD

What is Trusted Information Sharing?

What is Trusted Information Sharing?

Trusted Information Sharing (TIS) is sharing situational awareness, threat intelligence, and playbooks with communities of trust.

Both Active Cyber Defense and Trusted information Sharing are enabled by the Integrated Adaptive Cyber Defense framework.

How Integrated Adaptive Cyber Defense enables ACD and TIS

How Integrated Adaptive Cyber Defense enables ACD and TIS

The result of collaboration between NSA, DHS, Johns Hopkins University APL and many industry-leading vendors, Integrated Adaptive Cyber Defense (IACD) is a strategy for increasing the speed and scale of cyber defenses.

The rapid detection and mitigation of cyber threats requires the integration, synchronization, and automation of sensing, sense-making, decision-making, and acting capabilities across network layers, and relies upon the rapid ingestion and processing of shared threat and response intelligence among trusted partners."

DarkLight provides governance, adjudication, and management of decision making for the IACD framework, using explainable AI.  Click here to learn more.

Guided Automation

Guided Automation

DarkLight automates what was previously solely a human task in Adaptive Cyber Defense and Trusted Information Sharing. Upper-level sense-making and decision-making functions which require human expertise and analytic tradecraft “in the loop” are now captured, augmented and/or automated to perform at machine speed, while the human remains “on the loop” only as needed, to further train and guide the AI.

Download the DarkLight Business Data Sheet and learn how to improve your security operations.

This two-page document is ideal for the Security Analyst, Security Operation Center (SOC) Managers and CISO, and will explain the

  • Top Benefits
  • Key Value
  • How DarkLight differs from other Security Analytics and Orchestration tools
Ebook-Image

Ready to use the power of DarkLight's AI for Active Cyber Defense?

Start a 30-day free trial