Awards

Cyber Security Awards
Info Security Products Guide 2020 Bronze

Why use DataCloak to protect information?

Hide and deny access to sensitive or critical data

Today’s attackers steal and destroy information as part of their attacks, whether they seek to move deeper into the network or to hold data for ransom. Preventing them from seeing or accessing local file and account information can prevent lateral movement, discovery, and data theft or destruction. The Attivo Networks Endpoint Detection Net (EDN) DataCloak function hides and denies access to local files, folders, removable storage, network or cloud shares, local administrator accounts, and application credentials. By denying attackers the ability to see or exploit critical data, organizations can disrupt their discovery or lateral movement activities and limit the damage from ransomware attacks.

PROTECTED ASSETS

Insider Threat Supplier/Local Files

Local Files

Local Folder Single

Local Folders

Network Shares

Network Shares

Mitigate Risk

Cloud Shares

Removable Drives

Removable Drives

Local Admin Accounts

Local Admin Accounts

Application Credentials

Application Credentials

Prevent Damage to Critical Data

Hide and Deny Access to Local, Network, and Cloud Storage

DataCloak

Sequence

01   Attacker compromises a system

02   Attacker enumerates local files and folders

03   Attacker queries for local administrator accounts

04   Attacker looks for mapped network and cloud shares

05   EDN DataCloak hides and denies access to sensitive files, folders, and local administrator accounts

USE CASES

  • Ransomware protection

    • — Hide and deny access to ransomware to prevent discovery or encryption of local, network, or cloud-stored data


  • Deny privilege escalation

    • — Hide Local Administrator accounts so they can’t be used to escalate privileges


“We believe that the only innovation in the Deception space recently has come out of our partnership with Attivo”

President of Technology, ​Fortune 500 Digital Payment Provider​