Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Index Engines announces new release of CyberSense

October 2020 by Marc Jacob

Data integrity experts Index Engines announced the latest enhancements to its ransomware detection and recovery software, CyberSense, to help organizations win the war against cyberattacks.

CyberSense provides advanced data analysis software that scans backup data to check integrity, monitors files to identify changes indicative of cyberattack, and provides forensic reporting to diagnose and recover from corruption.

CyberSense uses a combination of full-content-based analytics and machine learning to detect if an attack has occurred. If attack vectors are identified, CyberSense provides forensic tools to diagnose and recover, including reports on files that were impacted so they can be replaced with the last known good version to ensure business operations return to normal with minimal downtime.

Among the performance enhancements are increased data throughput, new database workloads and aggregation to a central cloud repository.

- Increased data throughput for the analysis of backup images, including virtual machine backups. The enhancements include increased parallelism to fully utilize the processing power of the CyberSense server including the ability to quickly determine if file within a backup was already analyzed in a previous backup, allowing it to be skipped over for analysis.

- New database workloads for CyberSense analytics and integrity validation. These include the SAP HANA database and the Microsoft Extensible Storage Engine (ESE), also known as JET Blue which is a core component of core of Microsoft Exchange Server and Active Directory (DB2, SharePoint, MS-SQL, Oracle, and others also supported).

- New option that aggregates CyberSense statistics from clients into a central cloud repository. This repository does not contain any client data only anonymous statistics from CyberSense scans. The statistics resulting from the CyberSense scan will be analyzed by the latest version of the CyberSense machine learning model for improved results.

While real-time cyber protection solutions are designed to protect from an attack, protection gaps do occur. Metadata-only solutions can miss more sophisticated attack vectors, providing a false sense of confidence.

CyberSense is the only data analytics product on the market that validates the integrity inside all files and databases on the initial scan. CyberSense will detect even the most sophisticated corruption that hides inside files, providing 99.5 percent confidence in alerting an attack occurred.

CyberSense begins its attack detection workflow with comprehensive indexing. Every time CyberSense sees a new backup image, statistics are generated from that scan and compared to previous scans. These analytics are input into CyberSense’s machine learning model. The results are deterministic regarding the data’s integrity and if the data has been corrupted by a ransomware attack.

CyberSense also provides various reports and details that assist in the diagnosis and recovery from the attack. CyberSense provides the attack vector utilized to manipulate the data as well as a complete listing of suspect files that have been manipulated, providing an understanding of the breadth of the attack.

Additionally, using the event logs analysis tools, CyberSense reports on the user account that was breeched and the executable data that was used to corrupt the data in order to eliminate the threat.

And because CyberSense is continually looking at how data has changed, it can provide the intelligence needed to assist in the restore of the last known good copy of the file.

CyberSense is integrated with the Dell EMC Cyber Recovery solution and resold by IBM Resiliency Services and Global System Integrators who offer hardware, software, and professional services. CyberSense pricing is based on the capacity of data processed. Additional information about how CyberSense adds a layer of protection on real-time ransomware and cyber protection solutions is available.




See previous articles

    

See next articles