Endpoint Detection Net Suite: DataCloak
DataCloak Demo in Two Minutes
Why Use DataCloak to Protect Information?
Hide and Deny Access to Sensitive or Critical Data
Attackers steal and destroy information as part of their attacks, whether they seek to move deeper into the network or to hold data for ransom. Preventing them from seeing or accessing local file and account information can prevent lateral movement, discovery, and data theft or destruction. Attivo Networks Endpoint Detection Net (EDN) DataCloak function hides and denies access to local files, folders, removable storage, network or cloud shares, local administrator accounts, and application credentials. By denying attackers the ability to see or exploit critical data, organizations can disrupt their discovery or lateral movement activities and limit the damage from ransomware attacks.
“WE BELIEVE THAT THE ONLY INNOVATION IN THE DECEPTION SPACE RECENTLY HAS COME OUT OF OUR PARTNERSHIP WITH ATTIVO”
— PRESIDENT OF TECHNOLOGY, FORTUNE 500 DIGITAL PAYMENT PROVIDER
PROTECTED ASSETS
Local Folders
Local Folders
Network Shares
Cloud Shares
Removable Drives
Local Admin Accounts
Application Credentials
PREVENT DAMAGE TO CRITICAL DATA WITH DATACLOAK
Hide and Deny Access to Local, Network, and Cloud Storage
Sequence
01 Attacker compromises a system
02Attacker enumerates local files and folders
03Attacker queries for local administrator accounts
04 Attacker looks for mapped network and cloud shares
05 EDN DataCloak hides and denies access to sensitive files, folders, and local administrator accounts
Use Cases
— Hide and deny access to ransomware to prevent discovery or encryption of local, network, or cloud-stored data
— Hide Local Administrator accounts so they can’t be used to escalate privileges