Cigent’s Zero Trust approach to endpoint data protection ensures that all sensitive files, whether live or encrypted, are protected at all times, even when your standard cybersecurity protections are bypassed or your credentials are compromised.
Endpoint cybersecurity is a $30B industry, yet more and more systems are compromised every day.
Source: Absolute | 2019 Endpoint Security Trends Report
Enterprise EDR and next-gen antivirus solutions don’t stop all types of ransomware and malware. In fact, 86% of exploit kits use specific techniques to avoid detection.
Source: Minerva | Why “Next-Gen AV” is just “AV”
Most endpoint security solutions combat only malware, yet 50% of attacks are not malware based.
Source: CrowdStrike | 2020 Global Threat Report
Of cyber breaches that succeed, 71% originate from the endpoint.
Source: Cyber Research Data Bank
Full-disk encryption has limitations. In fact, encryption failure occurs in 42% of endpoints.
Source: Forbes | 2020 Roundup of Cybersecurity Forecasts and Market Estimates
D3E requires a simple form of authentication to access any sensitive file. A true game changer for Windows 10 endpoints, this frictionless layer of security stops ransomware, malware, and hacking dead in its tracks, keeping sensitive information safe. And for businesses of any size, D3E includes a cloud-based management console that makes centralized endpoint protection easy.
Defeat attempts to ransom and steal data by restricting access to your files with a simple, second factor of authentication. Restrict access at all times, or only when a threat is detected.View Features
Using two-factor authentication, Active Lock protects designated files on your Windows 10 PC from ransomware, malware, fileless malware, and other threats.
Protect your files in one of three ways—by file type, in designated folders, or in configurable hardware-encrypted disk partitions (SED SSD required).
To make it quick and easy to access locked files, D3E works with your preferred authentication method, such as Windows Hello (PIN and fingerprint), Google Authenticator, or other authentication solutions.
To minimize disruption, protected files, folders, and disk partitions can be configured as threat-aware, meaning they lock only when a threat is detected and unlock when it's cleared—automatically.
For sensitive documents, user access is challenged by a step-up authentication—not only when a threat is detected, but at all times.
Ransomware cannot encrypt a file that is locked with a step-up authentication—it can't access the file. It’s that simple.
If you fall victim to a phishing attack—one that compromises your system or credentials—D3E ensures your Locked files, folders, and partitions are always protected.
If you sync Dropbox and OneDrive folders to your computer, D3E protects your local folder—seamlessly.
Deployed through the D3E Management Console, Group File Locking locks protected files and partitions—on every system in a designated group—when D3E detects a threat to any group member's system.
Cigent D3E features a suite of advanced threat sensors and integrations with leading endpoint security solutions, to continuously monitor your Windows 10 system for signs of compromise.View Features
D3E provides incremental layers of threat detection—not found in most AV and EDR solutions—such as device health monitoring, network and data deception, untrusted network detection, and AI-based threat sensors.
AI-based machine learning sensors monitor data access patterns and detect ransomware attacks—in real time. If you’re attacked, D3E prevents ransomware from encrypting both Locked and Threat-Aware Files.
Network and File System deception engines provide virtually zero false-positive indications of hacking activity. When deception events are detected—such as an attempt to access user-configured file honeypots or lateral communication of rogue devices on a trusted network—D3E instantly locks all protected files.
Using machine-learning sensors, D3E continuously authenticates a user’s identity. Keyboard typing cadence and network usage patterns are monitored for signs of compromise. If abnormalities are detected, protected files are locked and unlocked automatically, based on AI-determined threat levels.
D3E instantly locks protected files when Windows Security detects a threat and automatically releases the Active Lock when the threat is remediated.
D3E adds a layer of protection to Bitlocker files when they are most vulnerable—after the user logs in, and Bitlocker files are in an unencrypted state.
If any Windows security agent is disabled, D3E instantly locks protected files until the host agent is restored.
D3E works seamlessly with leading next-gen antivirus, EDR, and enterprise security solutions. When any one of your solutions detects an attack, D3E protects your data automatically.
When a new network or public Wi-Fi connection is made, D3E locks your protected files until you designate the network as trusted, using a step-up authentication.
When an untrusted USB device is inserted, D3E invokes Active Lock to protect your data until you trust the device, using a step-up authentication.
If your bluetooth device is tethered to Windows Hello, and is out of range, D3E locks your files for added protection.
Store ultra-sensitive files in custom hardware-encrypted disk partitions that vanish from the OS layer when a threat is detected or your system is power cycled.View Features
When used in conjunction with Cigent’s Dynamic Data Defense Engine (D3E), Cigent Secure SSD™ supports a number of firmware enhanced cybersecurity features that protect data throughout the entire device lifecycle—from provisioning to end of life—defending against a vast number of threat vectors.
Ideal for ultra-sensitive documents, files stored in Locked Secure Drives remain encrypted and invisible to the OS until the user mounts the drive with a step-up authentication. Once mounted, files stored in Locked Secure Drives are are always protected with a step-up authentication.
When the threat level is elevated, files stored in Dynamic Secure Drives are immediately encrypted and disappear from the Windows OS until the threat is cleared or mounted by the user with a step-up authentication.
Cigent Secure Drives can be installed on systems that support Bitlocker Full-Disk Encryption, creating a more granular approach to encryption—one that's both threat-aware and more secure than software-based encryption.
Cigent Secure SSD storage devices use a Keep Alive heartbeat in the firmware that constantly ensures designated cybersecurity software is running, including D3E. If not, all Secure Drives automatically lock and can not be bypassed.
Cigent Secure SSD storage captures and protects comprehensive, firmware-secured file access logs and audit trails that cannot be wiped. Access logs are stored for incident response, non-repudiation, and litigation use.
Secure SSD storage is the first and only SSD to include Cigent TrueErase™, firmware verification that reports each block’s erased or unerased state after a wipe attempt, allowing the trusted user to safely repurpose their device, retire it, or ship it for destruction, saving money on expensive media and allowing you to implement a green policy to storage device lifecycle management.
Manage all of your company's Windows 10 devices from a single cloud-based console. Easy to use, the enterprise-grade D3E Business Console provides flexible, centralized deployment, configuration, and response management.View Features
View Active Lock, policy compliance, and protection status across all devices. Easily identify devices that are not meeting minimum protection standards and those that should have incremental protection configured.
For rapid response to externally-detected threats, engage Active Lock on a single device or on a group of devices—quickly and easily.
View historic threats across all devices. Use predefined filters or Google-style search to quickly refine your search.
Upon login, users are notified of any new threats that have been reported since they last logged in. To stay abreast of newly detected threats at all times, subscribe to hourly email notifications.
To facilitate better policy and threat-response management, organize devices into logical groupings.
Assign minimum protection settings either globally or by device set. Take advantage of predefined, customizable protection for Microsoft Office and Adobe files. Load a protection configuration from an existing device and use it as a policy template.
Configure and manage integrations to other endpoint detection and response solutions, such as CarbonBlack, Sophos, PC Matic, and CyberArk, to enable an additional layer of response to threats detected by those solutions.
Device Loss or Theft