Introducing Cigent Bare Metal

Cybercriminals can't exfiltrate data that doesn't exist.

Bare Metal adds a layer of SSD firmware-based security to D3E for Windows 10.

It's time to face the cold, hard truth.

Any endpoint security or encryption solution, that relies on only software-based protections, can be bypassed. How do hackers do it?

  • Disable the endpoint security agent.
  • Physically remove the SSD.
  • Bypass the OS by booting from a different operating system.
  • Steal encryption keys.

Today, you can take control of what's yours.

Keep your data where it belongs—with you. Cigent has partnered with Phison, one of the world’s leading storage controller manufacturers, to create Cigent Bare Metal SSDs for both NVMe and SATA interfaces. When paired with the Cigent Data Defense Engine (D3E) for Windows 10, Cigent Bare Metal SSDs, powered by Phison, provide a layer of firmware-based protection that’s virtually impossible to bypass.

When a threat is detected, Cigent Bare Metal locks down data instantly. To the cybercriminal, your data doesn't even exist.

See what Cigent Bare Metal can do for your company.

Automatic Partition Locking on Shutdown

When you shutdown your Windows system, D3E automatically locks Protected partitions in the firmware of the Bare Metal SSD—if your SSD is removed without authorization, your files are protected. When you reboot your system, Protected partitions are unlocked automatically.

End-of-Life Secure Erase Validation

With its built-in True Erase™ feature, Cigent Bare Metal uses the SSD’s own firmware to remove data from the drive. To ensure data cannot be recovered, erasure verification is key. Cigent and its SSD partners embed this crucial step into the firmware of all Cigent Bare Metal SSDs.

Tethered Protections

Keep Alive, available in select Cigent Bare Metal-enabled SSDs, monitors the connection between the D3E agent and SSD continuously. Compatible third-party endpoint agents are also monitored. If endpoint security is bypassed or the SSD stolen, all Protected files are encrypted on the fly. They remain locked in the firmware layer until the D3E endpoint and SSD connection is reauthenticated.

Firmware-Based Encryption and Range Locking

Data stored on Bare Metal SSDs is fully encrypted using industry-standard TCG Opal 2.0 extended range locking. For even greater security, special Locked and Protected partitions are invisible until the user unlocks them using D3E authentication. Once unlocked, these special partitions remain under the watchful eye of D3E, requiring a simple and secure step-up authentication to access.

Threat-Aware File Locking

When a D3E threat sensor or integration partner triggers an Active Lock, Protected files disappear from the Windows file system and are cryptographically locked in the firmware of the SSD. Once the threat is remediated, Active Lock is automatically released and Protected files reappear.

Protect your data with Cigent Bare Metal.

Contact Us

See why Cigent True Erase matters.

Numerous studies show that when users or organizations are ready to donate, recycle, or sell their SSDs, more than 40% don’t completely remove their data. This leaves sensitive, or even classified information exposed. Many organizations don’t trust the current tools available to remove data and are thereby forced to spend thousands of dollars either storing these devices or physically destroying them at end of life.

Get your Cigent Bare Metal Drive powered by Phison.

Pricing and Availability

Cigent Bare Metal SATA  M.2 / 2 1/2" Internal Solid State Drive

Cigent Bare Metal USB External Solid State Drive

Cigent Bare Metal NVVMe M.2 Internal Solid State Drive