Stopping Data Exfiltration with Context-Aware DLP
CHALLENGE: Too Much Noise, Too Little Context
Today’s targeted attacks, whether launched by insiders or by external hackers, are primarily focused on stealing an organization’s most sensitive data. The primary defense against data exfiltration is to apply access controls, and in some cases data loss prevention (DLP) monitoring tools. Fully deployed, these controls tend to be defenseless against motivated insiders or outsiders and they generate a continuous stream of false positives. To combat these complex threats effectively, organizations need better context of a user’s identity, behavior and their associated peers in order to pinpoint the real attacks and to focus monitoring efforts on what is high risk before it is too late.
SOLUTION: Context-Aware DLP
Securonix addresses this challenge through real time monitoring and analysis of sensitive data access and usage at the source in applications (such as SAP, Oracle eBusiness Suite, EPIC, and other commercial off-the-shelf or custom applications) and data repositories (such as Microsoft SharePoint, and others). Securonix automatically detects high-risk data access and usage for real-time investigation and access removal thereby reducing the exposure to sensitive data at its source. Meanwhile, if DLP monitoring at the endpoint, egress, or host is being used, Securonix will automatically identify the true high-risk DLP events through advanced identity, behavior, and peer group analysis. The combination of these advanced monitoring and detection techniques provides the real user identity and behavior context to rapidly detect the most complex data exfiltration and snooping attacks.