Endpoint Detection Net (EDN) Suite: Data Cloak
Why Use DataCloak to Protect Information?
Hide and Deny Access to Sensitive or Critical Data
Attackers steal and destroy information as part of their attacks, whether they seek to move deeper into the network or to hold data for ransom. Preventing them from seeing or accessing local file and account information can prevent lateral movement, discovery, and data theft or destruction. Attivo Networks Endpoint Detection Net (EDN) DataCloak function hides and denies access to local files, folders, removable storage, network or cloud shares, local administrator accounts, and application credentials. By denying attackers the ability to see or exploit critical data, organizations can disrupt their discovery or lateral movement activities and limit the damage from ransomware attacks.
“WE BELIEVE THAT THE ONLY INNOVATION IN THE DECEPTION SPACE RECENTLY HAS COME OUT OF OUR PARTNERSHIP WITH ATTIVO”
— PRESIDENT OF TECHNOLOGY, FORTUNE 500 DIGITAL PAYMENT PROVIDER
Local Admin Accounts
PREVENT DAMAGE TO CRITICAL DATA WITH DATACLOAK
Hide and Deny Access to Local, Network, and Cloud Storage
01 Attacker compromises a system
02Attacker enumerates local files and folders
03Attacker queries for local administrator accounts
04 Attacker looks for mapped network and cloud shares
05 EDN DataCloak hides and denies access to sensitive files, folders, and local administrator accounts
— Hide and deny access to ransomware to prevent discovery or encryption of local, network, or cloud-stored data
— Hide Local Administrator accounts so they can’t be used to escalate privileges