Partner MDR · Darktrace ActiveAI

MDR on Darktrace ActiveAI: Self-Learning AI governed by senior analysts.

The Fortgale European SOC, 24·7·365, governing the Darktrace AI. Antigena autonomous response validated by L2/L3 analysts to avoid false positives, ~11 min median containment on incident escalation.

  • ~11 min · Median containment
  • 24·7·365 · European SOC
  • Pattern of Life · Self-Learning AI
Fortgale × Darktrace · MDR live

  • Darktrace sensor active: endpoint · cloud · identity telemetry (Darktrace)
  • Italian SOC 24·7·365: L2/L3 analysts · direct communication (Fortgale)
  • Multi-domain tier-zero AI: noise reduced by 94% (Fortgale)
  • Native Darktrace response: median host isolation ~8 s (Live)
  • Proprietary intelligence: 34,000+ IOCs per week · Italian actors (Fortgale)

MDR operational: Darktrace + Fortgale SOC active
Compliance
ISO/IEC 27001
NIS2 ready
DORA aligned
GDPR · ACN
Technology partnership
Darktrace ActiveAI
MITRE ATT&CK aligned
OpenCTI
Why Fortgale + Darktrace

Self-Learning AI, governed by people who know European context.

Darktrace ActiveAI builds a 'pattern of life' for every device. This is powerful against unknown threats but prone to false positives in heterogeneous environments. Fortgale governs the Antigena AI with European analysts who know the operational context of European companies.

01 · Darktrace ActiveAI · Self-Learning

Pattern of life per device, network, user. Native NDR + email (Antigena Email) + cloud + endpoint. Detection of unknown unknowns via behavioural anomalies, no signatures.

02 · European SOC 24·7·365

L2/L3 analysts specialized in Darktrace. Antigena tuning, false-positive reduction, contextualization for European environments. Triage <15 min on Darktrace AI alerts.

03 · Antigena governance + IR

Validation of autonomous response: which traffic to block, which to slow. Custom rules for business-critical processes. Direct escalation to Fortgale IR. Full support for NIS2 notification to the national CSIRT.

How it works · architecture

Four blocks, one MDR cycle on Darktrace.

From self-learning baseline to validated Antigena response, all governed by Fortgale with European analysts who know the operational context.

01 · Learning

Pattern of life baseline

7-14 days of learning to build the per-device pattern of life. Sensors on network (NDR), email (Antigena Email), cloud, endpoint. Continuous baseline updates.

02 · Tier-zero

Darktrace AI + custom tuning

Detection of behavioural anomalies via Self-Learning AI. Fortgale tunes thresholds and exclusions on European context, reducing false positives by 60-80%.

03 · Analysts

Our L2/L3 govern AI

The European SOC validates every Darktrace AI decision before Antigena fires. Critical decisions are never fully autonomous on production assets. Direct interaction in your business language.

04 · Response

Antigena + IR escalation

Governed Antigena: autonomous traffic blocking, isolation of anomalous devices, email quarantine. Direct escalation to Fortgale IR for critical incidents requiring forensic and recovery support.

Proof · service metrics

Four numbers that underpin MDR on Darktrace.

Metrics measured on our customers' real telemetry: Q1 2026, updated quarterly.

  • ~11 min · Median containment · from confirmed Darktrace alert
  • 60-80 % · False positives · reduced by Fortgale tuning
  • Pattern of Life · Per-device · Self-Learning AI
  • 21 days · Full onboarding · Darktrace + Antigena

What the service includes

MDR on Darktrace, in detail.

Every component designed to leverage Darktrace AI with European SOC governance, avoiding false positives on production environments.

01

Managed Darktrace ActiveAI

Darktrace licensing (or existing instance). Network, email, cloud, endpoint sensors managed by Fortgale. Continuous baseline tuning. Per-environment adaptation.

02

Antigena governance

Validation of autonomous response: rules for business-critical processes, exclusions, response thresholds. Avoids unwanted blocks on legitimate workloads.

03

Proprietary CTI integration

34,000+ IoCs per week from Fortgale OpenCTI, integrated as Darktrace Custom Watchlists. Behavioural detection enriched with proprietary intelligence.

04

Cross-domain hunting

Monthly hunting via Darktrace Investigate using pattern of life + proprietary CTI. Focus on lateral movement, data staging, persistence not covered by automatic detections.

05

Reporting & governance

Executive reports with MTTD, MTTR, Antigena interventions, FP rate. Per-incident technical reports. NIS2/ISO 27001/GDPR audit documentation.

06

Cyber AI Loop

Darktrace PREVENT + DETECT + RESPOND + HEAL integration. Attack Path Modelling for proactive risk assessment. Fortgale orchestrates the entire AI Loop.

Who it's for · two perspectives

Same MDR on Darktrace, two perspectives.

The CISO decides on risk. The IT manager decides on the runbook. Fortgale MDR produces evidence for both.

For the CISO

A named runbook per actor, on the Darktrace stack.

Every month the CISO receives the profile of the 3 most likely actors against their sector, with the Fortgale MDR runbook already mapped onto Darktrace ActiveAI telemetry.

  • Monthly threat briefing: actors, observed TTPs, ongoing campaigns in your sector.
  • Runbook on Darktrace: living playbooks mapped to MITRE, executable on the Darktrace ActiveAI console.
  • Board-ready reporting: risk · impact · decision. No slide-deck technology.

For the IT manager

Zero translator handover. Italian analysts on your Darktrace console.

When the Darktrace alert is real, decision time is containment time. Our L2/L3 analysts know the Darktrace ActiveAI console and have a mandate to decide.

  • Median containment ~11 min: from confirmed alert to remediation in production.
  • Native Darktrace response: process kill, host isolation, network containment via the Darktrace ActiveAI API.
  • End-to-end integration: Darktrace telemetry ingested into our multi-domain data fabric.

FAQ · frequently asked

Everything to know before talking to our analysts.

What is the Fortgale MDR service on Darktrace?

It combines Darktrace ActiveAI (Self-Learning AI for network, email, cloud, endpoint) with the Fortgale European SOC, 24·7·365. L2/L3 analysts govern Antigena AI, validate autonomous decisions and apply MITRE-mapped runbooks to avoid false positives on sensitive workloads.

What is Darktrace Antigena?

Antigena is the Darktrace autonomous response: it blocks or slows anomalous traffic based on learned behaviour (Self-Learning AI). The Fortgale SOC governs Antigena to avoid unwanted blocks on business-critical processes and to orchestrate cross-domain response.

Do I need to already have Darktrace?

No. Fortgale handles the full cycle: licensing, sensor deployment (network, email, cloud, endpoint), self-learning model tuning, Antigena configuration. Available either on an existing instance or as part of the service.

Is the service NIS2-compliant?

Yes. We support NIS2 transposition requirements: continuous monitoring, IoC collection for national CSIRT notification within 24 hours, technical documentation for 72-hour notifications.

How long does Darktrace activation take?

Darktrace sensor deployment is fast (1-2 days), but the Self-Learning AI model requires 7-14 days to build the 'pattern of life' behavioural baseline. Full MDR service onboarding: 14-21 working days.

Talk to the SOC

One meeting. One NDA. One real runbook on Darktrace.

We bring you the report on your sector with the most likely actors and a concrete MDR runbook on your Darktrace ActiveAI console.

Response time: < 1 working day.