Darktrace Deepens AI Network Defense With Mira Security Acquisition

The cybersecurity firm plugs encrypted traffic blind spots without sacrificing speed — or standards

In the never-ending chess match of cybersecurity, visibility is power — especially when the data stream is encrypted. In its latest strategic play, Darktrace has acquired Mira Security, a specialist in network traffic visibility, aiming to eliminate one of the biggest blind spots in modern enterprise defense: encrypted data.

The move signals a serious expansion of Darktrace’s reach into the guts of network detection, extending its AI-powered security fabric deeper into encrypted tunnels where threats often hide. More than a simple tuck-in, the acquisition will bake Mira’s high-performance decryption capabilities into Darktrace’s flagship NETWORK product — long considered a bellwether in the Network Detection and Response (NDR) space.

“The acquisition of Mira Security is another building block in our strategy to develop best-in-class cybersecurity solutions and keep our customers safe through continuous innovation,” said Phil Pearson, Chief Strategy Officer at Darktrace. “Mira Security has already proven to be a valuable source of insight for our AI.”

Decrypt Without Disrupt

With TLS encryption now the norm across everything from cloud apps to critical infrastructure, traditional security tools face a choice: decrypt traffic (and risk latency, privacy, or architectural overhauls) or fly blind. Mira Security’s technology sidesteps that tradeoff, enabling comprehensive in-line decryption without tanking performance or requiring a full redesign of enterprise networks.

Combined with Darktrace’s self-learning AI, this creates a potent closed-loop detection engine that can analyze both clear and encrypted data with minimal friction — a vital capability for highly regulated sectors like finance, healthcare, and government.

A Global Engineering Boost

The acquisition isn’t just about IP — it’s about people. Mira’s R&D team, split between Centurion, South Africa and the U.S., brings deep chops in low-level protocol design, high-throughput firmware, and standards-body know-how. The engineering infusion is expected to power new Darktrace hardware with 100 Gbps interfaces and beefed-up ingestion pipelines, tailored for sprawling hybrid deployments.

Mira Security CEO Niel Viljoen called the merger a force multiplier for both teams. “The combination of Mira Security and Darktrace’s unique technology and brilliant R&D talent will create even more exciting possibilities for protecting complex network environments,” he said.

Another Strategic Layer

Darktrace has been on an acquisition streak. This is the second major purchase in recent months following its buyout of Cado Security, which expanded the company’s footprint in cloud forensics. Both moves align with Darktrace’s broader vision: an AI-driven cybersecurity mesh that connects endpoint, cloud, network, and identity signals into one intelligent nervous system.

It's also a flex. Darktrace / NETWORK is not just a product — it’s a category leader, topping charts from Gartner, IDC, and KuppingerCole. Now, with encrypted visibility in its arsenal, it’s setting a new bar for what NDR should look like in an age of zero-trust architecture and machine-speed threats.

No Partner Left Behind

While integration is a priority, Darktrace says existing Mira partners won’t be left in the lurch. Legacy relationships will be supported post-acquisition, ensuring continuity as customers — and attackers — shift further into encrypted territory.

The message is clear: in the era of AI, visibility isn’t optional, and encryption shouldn’t be a blindfold. With Mira’s tech folded into its platform, Darktrace is betting that decrypting the future of cybersecurity starts with seeing it all — without missing a byte.