Could Darktrace fix a home IoT device?
The issue with a tool like Darktrace is that it can be installed at an ISP or a company, not at a single customer site (where the customer probably wouldn't understand what the tool reports).
But what could it do if many IoT devices at many houses are compromised? OK, the IPS can cut the traffic and save Krebs' site, but what about the IoT devices if they perform critical tasks like controlling the environment and opening/closing doors when needed?
The problem with IoT devices is that they can handle more critical tasks than web browsing or email, so identifying issues *after* they happen is not enough - especially if it needs a 600Gb/s DDoS to discover it.
I wonder also if Darktrace could have spotted the remote login to the fingerprint reader with default credentials - or would it have to wait for the exfiltration of data to spot something? It's a matter of early warning.