The advanced cybersecurity defenses built into the operating firmware of this SSD repel ransomware attacks and prevent data theft even when all other cybersecurity protections fail or are bypassed. When used in conjunction with Cigent Dynamic Data Defense Engine® for Windows (D³E), Cigent Secure SSDs protect data throughout the entire device lifecycle—from provisioning to end-of-life—defending against a vast number of threat vectors.
Available in NVMe internal and external configurations, the Cigent Secure SSD™ comes in three sizes—480GB, 1TB, and 2TB. It can be installed as the primary storage device on a Windows PC where the OS runs, as secondary internal storage (such as in a desktop tower), or as external media plugged into a USB port.
All Cigent Secure SSDs include a free lifetime license to Cigent D³E®. The D³E companion software agent easily configures all Cigent Secure SSD security features. Plus, D³E adds an additional layer of Zero-Trust file access controls that uses multifactor authentication to protect important files and Secure Drives at all times, even during a security breach. Critical files are protected at the endpoint, on the network, in the cloud, or when shared with trusted users.
Use D³E to easily set up hardware-encrypted Safe Rooms on the Secure SSD. Designated files are not just inaccessible to an attacker or unauthorized party; they remain completely invisible until mounted by the user via a step-up authentication. Once mounted, individual files are protected by D³E and if D³E or your antivirus software detects a threat, Secure Drives auto-lock and disappear from the OS layer until the threat is cleared.
Common techniques of attackers include disabling security software, booting from an alternate OS, and removing the drive. Cigent Secure SSD uses a Keep Alive heartbeat in the firmware that constantly ensures designated cybersecurity software is running, including D³E. If not, all Secure Drives automatically encrypt on the fly and remain hidden, invisible, and fully inaccessible to an attacker.
Includes features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters.
Cigent Secure Drives can be installed on systems that support Bitlocker Full-Disk Encryption, creating a more granular approach to encryption—one that's both threat-aware and more secure than software-based encryption. The effect of these security measures is that sensitive files are accessible for a very limited time and only on an as needed basis by the trusted user.
A dedicated security processor employs machine learning to automatically detect and repel ransomware attacks, even if host security software is disabled or bypassed. When an attack is detected by the Secure SSD, sensitive files stored in Safe Rooms automatically lock and disappear from the operating system layer until the threat is cleared. For files not stored in a Safe Room, Cigent D³E employs Zero-Trust multifactor authentication for file access, thus preventing ransomware from accessing and encrypting those files as well.
Available in Denali model only
Use D³E to set up a hidden drive that remains invisible to the operating system until you flip into it using multifactor authentication. Dual Mode enables numerous use cases: segment your system into work vs personal usage—hide ultra-sensitive files from would-be attackers on the hidden drive—install two different operating systems and share your system with another user.
Advanced attackers always wipe their tracks, deleting system and data access logs. Cigent Secure SSD captures and protects comprehensive, firmware-secured data access logs and audit trails that cannot be wiped. Access logs are stored for incident response, non-repudiation, and litigation use.
Cigent Secure SSD is the first and only SSD to include TrueErase™, firmware verification that reports each block’s erased or unerased state after a wipe attempt, allowing the trusted user to safely repurpose their device, retire it, or ship it for destruction, saving money on expensive media and allowing you to implement a green policy to storage device lifecycle management.
Sophisticated attackers with enough time, money, and resources will find a way to bypass cybersecurity measures that are based solely on software. Sensitive files on endpoints have been at risk from cyberattacks due to a wide array of threat vectors, including:
Unencrypted data after login
Credential compromise (theft, poor hygiene)
Vulnerabilities (OS, apps, firmware)
Unhealthy PC State (configuration drift, agent corruption, OS updates, BYOD PCs)
Disabled security software
Advanced malware and fileless attacks
Supply chain compromise
Advanced APT attacks, chip implants, BIOS and firmware malware
Secure Drive
D³E Included
FIPS 140-2 Level 2 Certification
Keep Alive
Coexist with Bitlocker
Dual Mode
Secure Access Logs
True Erase
Built-In Ransomware Detection
Secure Drive
D³E Included
FIPS 140-2 Level 2 Certification
Coexist with Bitlocker
Secure Drive
D³E Included
Keep Alive
Coexist with Bitlocker
Dual Mode*
Secure Access Logs*
True Erase*
Secure Drive
D³E Included
Keep Alive
Coexist with Bitlocker
Dual Mode*
Secure Access Logs*
True Erase*
Built-In Ransomware Detection
Easily, effectively protect data on endpoints and external media with little-to-no IT or SOC involvement. Storage firmware hides sensitive files, constantly ensures the PC is in a secure state, and D3E software enables zero-trust file access controls securing sensitive files, while never blocking trusted user file access or quarantining systems. In the event of lost or stolen devices, sensitive files are completely hidden by firmware and inaccessible by any means without the trusted user’s authentication.
Address critical requirements of data governance and privacy programs by effectively securing endpoint data addressing regulatory requirements including HIPAA, GDPR, GLBA, PCI-DSS, CCPA, CMMC, and more.
Protect intellectual property, digital assets, and other sensitive data from malicious insiders by ensuring only trusted users can access critical files or storage. Detect insiders who move around systems trying to access documents or steal credentials. Respond effectively and precisely by knowing what was taken by insiders with detailed data access logs that cannot be deleted and are protected by firmware.
Intrinsic multilayered ransomware prevention uses firmware to hide sensitive files and requires zero-trust file-access controls for data access and use, very effectively and easily preventing ransomware from accessing files to maliciously encrypt them.
Firmware hides files and D3E software ensures only trusted users can access and modify files.
Comprehensive, detailed storage data access logs are saved and protected by firmware from being deleted, thus enabling quick and effective response to endpoint data breaches.
When a device or media is determined to be repurposed, retired, or destroyed, proper data sanitization is required when sensitive files have been saved on the system. Research has shown SSDs often inaccurately report successful removal of data. Our built-in verification technology shows the user exactly what has been removed and what information, if any, still remains.
Numerous studies show that when users or organizations are ready to donate, recycle, or sell their SSDs, more than 80% don’t completely remove their data. This leaves sensitive, or even classified information exposed. Many organizations don’t trust the current tools available to remove data and are thereby forced to spend thousands of dollars either storing these devices or physically destroying them at end of life.
480GB
1TB
2TB
Lifetime D³E software license
Microsoft Windows® 7, 8, and 10
HIPAA
GLBA
NIST 800-88
Interface: PCIe Gen3x4 NVMe 1.3
Form factor: M2 2280-D3
Operating temperature: 0º to 70º C
Non-operating temperature: -40º to -85º C
NAND Flash: 3D TLC
TCG Opal 2.0
Remotely upgradeable firmware
USB adapter and cable (USB 3.0/USB-C) (external drive only)
Warranty: 12-months hardware warranty