Digital Guardian Declares a New Dawn for Data Loss Prevention

Print Friendly, PDF & Email

Digital Guardian announced the general availability of the Digital Guardian Analytics & Reporting Cloud (DG ARC), the only data protection solution leveraging the same endpoint agent and management console to deliver Data Loss Prevention (DLP) and Threat Detection & Response (TDR). With DG ARC, customers of Digital Guardian can instantly access a subscription-based, big-data security analytics cloud service that puts their most sensitive information assets at the center of all data protection, user monitoring, and threat detection and response activities.

We are declaring this a new dawn for data loss prevention because we’re the first security platform to combine the traditional capabilities of DLP with the contemporary features required for endpoint threat detection and response, all delivered in the cloud,” said Ken Levine, president and chief executive officer of Digital Guardian. “A lot has changed in the security world, but one thing remains the same: data is the target. We need security solutions that always put sensitive data at the forefront of organizations’ security efforts and DG ARC achieves that.”

Today’s leading security industry analysts understand data is constantly at risk due to insecure insider behavior and a variety of external attacks; however, the market offers solutions for only one security challenge or the other. This arbitrary separation of insider versus outsider data protection requirements confuses the buyer and unnecessarily compels them to invest in more solutions than they really need.

The market demand for consolidation of security products is very pronounced at the endpoint,” explains Eric Ogren, senior security analyst at 451 Research. “Our research and market studies show that 61% of enterprises deploy 2-5 security products on their endpoints with close to 10% of respondents reporting between 6 and 20. This large number of tools becomes a significant barrier to managing risk effectively. Security services such as DG ARC that combine data protection with threat detection and response will appeal to security teams looking to reduce operational costs.”

DG ARC represents a new class of security solution – threat aware data protection delivered as a subscription-based cloud service. It provides the feature consolidation security buyers now demand. Leveraging a single endpoint agent to collect system, user, data and forensic events, DG ARC provides the core features, functions and capabilities of:

  1. Data Loss Prevention – DG ARC will identify and classify information contained within an object while at rest, in use or in transit and dynamically apply a wide range of policies and controls (i.e. log, report, classify, relocate, tag, block, encrypt, etc.).
  2. Threat Detection and Response – DG ARC will provide capabilities to detect, investigate, and mitigate malware, ransomware and other attacks on hosts/endpoints from external actors.
  3. Big Data Security Analytics and Reporting – DG ARC’s cloud-based, big data architecture removes storage limitations on the endpoint and can aggregate, analyze and query system, user and data related events across the network and endpoints.

The eventual goal of almost every security product on the market is to protect data. Database security prevents unapproved users from accessing data stores. Network and application scanning aims to correct network and app vulnerabilities to prevent hacker exploitation and unauthorized access to data. Next generation firewalls attempt to block the use of malicious applications that steal data. The emerging next gen anti-virus solutions claim to protect data by blocking malware that could result in data loss. But none of these solutions truly understand what they are intended to protect – the data. They have no ability to see inside a file, e-mail or packet and know exactly what’s in it – only the Digital Guardian Data Protection Platform does.

Protecting organizations requires a deep understanding of their data. DG ARC delivers the deepest data visibility available on the market today,” said David Karp, chief product officer at Digital Guardian. “It’s the only solution that empowers the InfoSec Analyst, Incident Responder and Threat Hunter to rapidly visualize how data is being used. Seeing this will highlight the risk posed to sensitive information by valid users and compromised systems. That intelligence is a requirement to understand real risk and drive the most effective approach to protecting sensitive data from all threats.”

About Digital Guardian Analytics and Reporting Cloud (DG ARC)

DG ARC is the newest component of the Digital Guardian Threat Aware Data Protection Platform. It is an advanced security analytics and reporting solution that protects data from all threats and is delivered as a subscription-based cloud service. Leveraging streaming data from Digital Guardian endpoint agents and network sensors, ARC provides the deepest visibility into system, user and data events. That visibility powers security analyst-approved dashboards to enable data loss prevention and threat detection and response – all within the same console.

DG ARC Key Features and Functions

  • “Human-Learning” Threat Detection, a.k.a. “Threat-Hunter-in-a-Box” – DG ARC packages over 150 man-years of “human-powered” data defense techniques and threat hunting best practices into pre-configured, behavior-based rules which are available out of the box. The rules are designed to (1) detect and control insider threats like non-compliant data exfiltration via the network and endpoints; and (2) detect outside attacks leveraging malware, ransomware and non-malware based attacks that can bypass machine learning driven EDR solutions.
  • Reporting & Analysis Workspaces – Digital Guardian’s team of experienced information security analysts, threat hunters and incident responders developed a series of ‘security analyst-approved’, pre-configured dashboards and workflows to guide security professionals to the events that matter most for identifying anomalous and suspicious insider and outsider activity.
  • Big Data Analytics in the Cloud – centralized recording in the cloud removes storage limitations on the endpoint agent and provides the ability to aggregate and analyze system, user and data related events across the network and endpoints over longer periods of time.
  • Alarms Management – DG ARC monitors the most comprehensive set of events for systems, users and data; then quickly filters through potential anomalies and triggers alarms only for the high fidelity events that warrant additional investigation by InfoSec and/or SOC Analysts.
  • Incident Management – incident workflows provide the ability to auto create incidents, which reduces dwell time.
  • Incident Response – numerous dashboard options ranging from monitoring to blocking data egress to terminating or real-time observation of suspicious system activity.

 

Sign up for the free insideAI News newsletter.

Speak Your Mind

*