Awake Security, the only advanced network traffic analysis (NTA) company that delivers a privacy-aware solution, today announced the results of an independent, side-by-side test completed by The Tolly Group which evaluated the Awake Security Platform against the Darktrace Enterprise Immune System in a live customer environment. The test demonstrated Awake’s solution was more than twice as accurate and produced 1500% fewer “noisy” alerts than Darktrace, saving customers time and money while providing more actionable threat detection and better protection against breaches.
Tolly Group tested five attack scenarios that are key for Network Detection and Response (NDR) solutions to address. These use cases included detection of IoT threats, data theft and exfiltration, insider threats and credential theft. The test was performed at a current Darktrace customer that was looking for a quantifiable way to evaluate NTA/NDR solutions while comparing their existing solution to the Awake Security Platform.
Cumulatively across these five scenarios, the Awake Security Platform delivered 2.5X greater accuracy (100% vs 40%), stronger signal-to-noise ratio (95% vs 13.5%), and better ability for security teams to validate attacks (100% vs 40%) without having to pivot out to other tools and resources – steps that ultimately introduce errors and decrease productivity. Tolly Group also credited Awake for its intuitive and powerful interface, and advanced architecture with multiple detection engines and rich security-focused search capabilities.
“Conducting this test at a site running both Awake and Darktrace solutions in a proof-of-concept evaluation provided us with a very accurate side-by-side comparison,” said Kevin Tolly, founder of The Tolly Group. “For the key use cases we evaluated, Awake performed far more precisely, recognizing all five attack scenarios while Darktrace only recognized two. And on top of that, Darktrace produced far more noise, generating more than fifty non-actionable alerts compared to just one for Awake. Ultimately, this results in Awake delivering a more intuitive tool that empowers security teams to secure the organization more effectively.”
Awake’s next-generation solution uses multiple detection technologies to achieve the results documented in the test. The Awake platform is designed to detect advanced, multi-stage attacks that can circumvent first-generation NTA solutions and are becoming much more common.
“Security teams are continuously swamped with irrelevant alerts that prevent them from detecting and responding to real attacks. The Tolly Group’s findings show that Awake cuts through the noise to provide the threat insights that save customers time and money, and most importantly, delivers measurably better protection against breaches,” said Rahul Kashyap, CEO, Awake Security. “Security teams need confidence in their alerts before they can counter the detected threats. Awake provides that confidence and goes a step further by giving analysts the tools they need to quickly validate the threat and then take action – capabilities that no other solution on the market can provide.”
The Awake Security Platform mimics the way an expert threat hunter’s brain works and uncovers behaviors and threats that are invisible to existing technologies. It does this by applying an ensemble of artificial intelligence and heuristic-based approaches to every packet that crosses the network – whether on-premise, IoT or OT and cloud. This is significantly more effective than a first-generation unsupervised learning and anomaly detection approach that is plagued with false positives and importantly false negatives. Instead Awake brings the skills and knowledge of the world’s foremost investigators to every customer. Unlike other vendors, this enables detection of attacker tactics, techniques and procedures rather than just known indicators of compromise and exposes threats hiding in plain sight – something that could previously only be accomplished by experienced analysts with the time and resources to hunt.
The Tolly Group test is the latest proof-point affirming Awake Security’s position as an industry leading NTA solution. Awake Security was previously selected as a “Top 3” solution for detecting lateral movement, credential abuse, and threat hunting by Enterprise Management Associates, named in Gartner’s first market guide for network traffic analysis, and ranked as the #1 security solution being evaluated by Global 1000 Companies.
To learn more about the Awake Security Platform and to see use cases outlining how global organizations use Awake to combat threats such as credential abuse, insider attacks, lateral movement, and data exfiltration, please visit https://awakesecurity.com/product.
To read the full Tolly Report, please visit: https://awakesecurity.com/white-papers/tolly-test-report-darktrace-enterprise-immune-system-vs-awake-security-platform.
About Tolly Group
The Tolly Group companies have been delivering world-class IT services for more than 30 years. Tolly is a leading global provider of third-party validation services for vendors of IT products, components and services.
Visit Tolly at: http://www.tolly.com.
About Awake Security
Awake Security is the only advanced network traffic analysis company that delivers a privacy-aware solution capable of detecting and visualizing behavioral, mal-intent and compliance incidents with full forensics context. Powered by Ava, Awake’s security expert system, the Awake Security Platform combines federated machine learning, threat intelligence and human expertise. The platform analyzes billions of communications to autonomously discover, profile and classify every device, user and application on any network. Through automated hunting and investigation, Awake uncovers malicious intent from insiders and external attackers alike. The company is ranked #1 for time to value because of its frictionless approach that delivers answers rather than alerts and recognized as the #1 information security solution being evaluated by global 1000 companies in Enterprise Technology Research’s (ETR) Summer 2019 Emerging Technology Study.
Awake is headquartered in Santa Clara, CA and backed by Greylock Partners and Bain Capital Ventures. Learn more at https://www.awakesecurity.com and follow Awake on Twitter (https://twitter.com/awakesecurity), LinkedIn (https://www.linkedin.com/company/awake-security) and Facebook (https://www.facebook.com/AwakeSecurity).