Layer Zero Data Protection

Using two-factor authentication, Active Lock protects designated files on your Windows 10 PC from ransomware, malware, fileless malware, and other threats.

Protect your files in one of three ways—by file type, in designated folders, or in configurable hardware-encrypted disk partitions (SED SSD required).

To make it quick and easy to access locked files, D3E works with your preferred authentication method, such as Windows Hello (PIN and fingerprint), Google Authenticator, or other authentication solutions.

To minimize disruption, protected files, folders, and disk partitions can be configured as threat-aware, meaning they lock only when a threat is detected and unlock when it's cleared—automatically.

For sensitive documents, user access is challenged by a step-up authentication—not only when a threat is detected, but at all times.

Ransomware cannot encrypt a file that is locked with a step-up authentication—it can't access the file. It’s that simple.

If you fall victim to a phishing attack—one that compromises your system or credentials—D3E ensures your Locked files, folders, and partitions are always protected.

If you sync Dropbox and OneDrive folders to your computer, D3E protects your local folder—seamlessly.

Deployed through the D3E Management Console, Group File Locking locks protected files and partitions—on every system in a designated group—when D3E detects a threat to any group member's system.

D3E provides incremental layers of threat detection—not found in most AV and EDR solutions—such as device health monitoring, network and data deception, untrusted network detection, and AI-based threat sensors.

AI-based machine learning sensors monitor data access patterns and detect ransomware attacks—in real time. If you’re attacked, D3E prevents ransomware from encrypting both Locked and Threat-Aware Files.

Network and File System deception engines provide virtually zero false-positive indications of hacking activity. When deception events are detected—such as an attempt to access user-configured file honeypots or lateral communication of rogue devices on a trusted network—D3E instantly locks all protected files.

Using machine-learning sensors, D3E continuously authenticates a user’s identity. Keyboard typing cadence and network usage patterns are monitored for signs of compromise. If abnormalities are detected, protected files are locked and unlocked automatically, based on AI-determined threat levels.

D3E instantly locks protected files when Windows Security detects a threat and automatically releases the Active Lock when the threat is remediated.

D3E adds a layer of protection to Bitlocker files when they are most vulnerable—after the user logs in, and Bitlocker files are in an unencrypted state.

If any Windows security agent is disabled, D3E instantly locks protected files until the host agent is restored.

D3E works seamlessly with leading next-gen antivirus, EDR, and enterprise security solutions. When any one of your solutions detects an attack, D3E protects your data automatically.

When a new network or public Wi-Fi connection is made, D3E locks your protected files until you designate the network as trusted, using a step-up authentication.

When an untrusted USB device is inserted, D3E invokes Active Lock to protect your data until you trust the device, using a step-up authentication.

If your bluetooth device is tethered to Windows Hello, and is out of range, D3E locks your files for added protection.

If your system includes an internal or external self-encrypting drive (TCG Opal 2.0 compliant), D3E makes it easy to create custom hardware-encrypted disk partitions that securely store encrypted files below the Windows OS layer.

If disk space on your self-encrypting hard drive is fully allocated, D3E makes it easy to reconfigure existing partitions to create customizable Locked and Threat -Aware Secure Drives.

Ideal for ultra-sensitive documents, files stored in Locked Secure Drives remain encrypted and invisible to the OS until the user mounts the drive with a step-up authentication. Once mounted, files stored in Locked Secure Drives are are always protected with a step-up authentication.

When the threat level is elevated, files stored in Threat-Aware Secure Drives are immediately encrypted and disappear from the Windows OS until the threat is cleared or the user mounts the Secure Drive with a step-up authentication. Once mounted, files remain protected until the threat has been cleared.

Cigent Secure Drives can be installed on systems that support Bitlocker Full-Disk Encryption, creating a more granular approach to encryption—one that's both threat-aware and more secure than software-based encryption.

Files stored in Cigent Secure Drives automatically lock when your system is power cycled, and cannot be bypassed if the system is lost, stolen, or a threat actor live-boots it from a USB drive.

View Active Lock, policy compliance, and protection status across all devices. Easily identify devices that are not meeting minimum protection standards and those that should have incremental protection configured.

For rapid response to externally-detected threats, engage Active Lock on a single device or on a group of devices—quickly and easily.

View historic threats across all devices. Use predefined filters or Google-style search to quickly refine your search.

Upon login, users are notified of any new threats that have been reported since they last logged in. To stay abreast of newly detected threats at all times, subscribe to hourly email notifications.

To facilitate better policy and threat-response management, organize devices into logical groupings.

Assign minimum protection settings either globally or by device set. Take advantage of predefined, customizable protection for Microsoft Office and Adobe files. Load a protection configuration from an existing device and use it as a policy template.

Configure and manage integrations to other endpoint detection and response solutions, such as CarbonBlack, Sophos, PC Matic, and CyberArk, to enable an additional layer of response to threats detected by those solutions.