nicolas digital guardian threat aware data ... - cybers.eu · confidential digitalguardian founded...
TRANSCRIPT
DIGITALGUARDIAN®
Delivering Threat Aware Data Protection
Confidential
DIGITALGUARDIAN
▪ Founded 2003 as Verdasys
  • Extensive data protection patent portfolio
▪ Global Presence
  • MA, CA, London, Amsterdam, Paris, Munich, Tokyo
  • Deployed in 60+ countries
▪ Leader in Data-Centric Security
  • Leader in 2017 Gartner Magic Quadrant for Enterprise Data Loss Prevention
  • #1 For Intellectual Property Protection, Gartner Critical Capabilities for Enterprise Data Loss Prevention
  • 7 of the top 10 largest patent holders
  • 7 of the top 10 largest automotive manufacturers
  • 100+ Hospitals
▪ Anytime, Anywhere Data Protection
  • Windows, OS X, Linux
  • Network, Endpoint, Cloud, Database
  • Protects data independent of the threat or the system
  • Data Protection, encryption, application control, device control, forensics
The Challenge
▪ Organizations face an onslaught of threats to their most important data
▪ Both from the inside
▪ And the outside
The Business Impact
▪ Investing in more solutions than they need
▪ Solutions that are so complex
▪ It takes a ton of analysts to make sense of it all
▪ How does your security stack look?
[Diagram labels: EDR, A/V, DLP, UEBA, NGFW, SIEM]
The Business Impact
▪ Drives up cost
▪ Makes it even harder to effectively manage risk
Delivering Threat Aware Data Protection
FIRST and ONLY Solution to Unify
Endpoint Detection & Response
Data Loss Prevention
User & Entity Behavior Analytics
Delivering Threat Aware Data Protection
▪ Detect
▪ Prioritize
▪ Respond
▪ Remediate
▪ All threats from one place
Consolidate & Simplify Your Security Program
▪ Go from multiple tools
▪ To:
  • One Console
  • One Agent
[Diagram labels: EDR, A/V, DLP, UEBA]
How It Works
Digital Guardian Data Protection Pillars
Deepest Visibility
▪ System Events + User Events + Data Events
Real-Time Analytics
▪ Filters out the noise
▪ Accelerates investigation
▪ Delivers incident discovery
Flexible Controls
▪ Don’t slow down your business
▪ Across network, storage, cloud, and endpoints
▪ Enforceable on all OSs
Visibility to All Threats
Data Events
User Events
System Events
Combining system, user, and data insights provides the context you need to protect against ALL THREATS.
Endpoint
Data Repositories
Cloud
Network
Intelligence
Classification User Policy Privilege Time/Date Count/Volume Source/Destination Geo Author Network Status Trends Anomalies Obfuscation Patterns Threat Feeds
Correlation
Block Operation Warn Encrypt Justify Monitor Educate
Block Connection Quarantine Access Control Device Control Application Control File Move/Delete Rights Management
Adaptive Protection
Examination
Monitoring Advanced Reporting Evidentiary Forensics Logging/Screen Capture Key Log Capture File Capture Chain of Custody Threat Origination/Propagation Attack Sequence Transmission
Capture
Threat-Aware Data Security & Compliance
Visibility
Data Events (Open, Delete, Save As, Copy/Move, USB, Clipboard, Print, etc.)
System Events (API, Registry, .DLL, Device, App Launch, Binary, Driver, etc.)
Network Events (Discovery, Port/Protocol, Upload, Download, Email, Cloud, etc.)
DG for CISOs
▪ Executive Risk Dashboard
▪ Enterprise wide view of data risks
▪ Communicate risks to:
  • Executive peers
  • Board
▪ Document organizational risk reduction
DG for Information Security Analysts
▪ Clearly see how data is moving in and out of your organization
▪ Easily view unusual spikes in activity
▪ Instantly drill-in for more information
▪ Take action
DG for Information Security Analysts
▪ See all data centric events over time
▪ Sendmail events
▪ Network uploads
▪ Removable media events
▪ Printing
DG for Threat Hunters
▪ Identify anomalous activity
▪ Easily investigate
▪ Neutralize the attacks and contain the damage
Protect your data
Threat Aware Data Protection