
Darktrace / EMAIL
Self-learning AI email security for advanced threats, BEC, and GenAI-powered attacks.
Vendor Information
Darktrace / EMAIL Overview
Darktrace / EMAIL is an AI-powered email security platform that uses Self-Learning AI to detect and respond to sophisticated email threats through behavioral analysis rather than static rules or threat intelligence. Unlike traditional solutions that rely on known attack patterns, Darktrace learns the unique communication patterns of every user and organization, enabling detection of never-before-seen threats including Business Email Compromise (BEC), phishing, account takeover, and Generative AI (GenAI)-powered social engineering attacks within seconds of deployment via API integration.
The platform's Antigena autonomous response capabilities neutralize threats at machine speed—up to 30x faster than legacy tools—by automatically quarantining suspicious emails, modifying links, and disabling compromised accounts without human intervention. Cyber AI Analyst generates natural language incident reports for every security event, while behavioral Data Loss Prevention (DLP) monitors outbound emails and Microsoft Teams communications to prevent data leakage, reducing SOC workload by 60% through automated triage and investigation.
Headquartered in Cambridge, United Kingdom, Darktrace serves over 3,000 organizations globally and holds ISO/IEC 27001:2022, ISO/IEC 27018, ISO/IEC 42001 (AI management), SOC 2, and FedRAMP High certifications. Named a Leader in Gartner's 2025 Voice of the Customer for Email Security, the platform stops 58% of threats that evade other solutions and detects novel attacks an average of 13 days earlier than traditional email security tools.
Key Capabilities
Standardized capabilities mapped to this product's security niche
Integrates via Microsoft 365 or Google Workspace APIs without requiring MX record changes, enabling parallel deployment alongside an existing SEG and post-delivery remediation.
Classifies newsletters, marketing email, and bulk communications as a separate category from threats, reducing analyst noise without suppressing legitimate business email.
Automates the intake, deduplication, and triage of user-submitted suspicious emails, cross-references them against in-flight campaigns, and triggers retroactive remediation across all recipients.
Builds per-user and per-vendor communication baselines from historical email patterns to detect anomalous content, timing, or sender behavior without relying on signatures or blocklists.
Analyzes email body text semantically to detect social engineering, pretexting, and urgency manipulation in messages that contain no malicious attachments or URLs.
Detects compromised or spoofed third-party supplier accounts by analyzing communication pattern deviations, domain aging, and content signals, targeting invoice fraud and payment redirection attacks.
Assesses the email communication risk posture of external supplier domains, flagging suppliers with poor email authentication, recent domain registration, or anomalous communication patterns.
Detects signs of internal mailbox compromise (anomalous login geography, mail forwarding rule creation, unusual send volume), and can trigger automated session revocation.