Why Cigent Stop Physical Data Exfiltration

Cigent protects endpoint data from sophisticated and persistent adversaries by rendering the data invisible.

Endpoint devices may be lost, stolen, or confiscated. Once adversaries have physical access to a device, neither software full disk encryption (FDE) nor self-encrypting drives (SEDs) will prevent data compromise.

  • Variety of methods, including tools like Passware Kits, can be used to circumvent software FDE solutions, including Bitlocker
  • Lack of proper IT hygiene creates misconfigurations, configuration drift, security app conflicts, weak credentials, and unprotected BIOS, enabling easy access to data
  • More sophisticated methods can defeat SEDs, including weak credential exploitation, brute force attacks, chip off, reverse engineering firmware, and many more
  • Work from home increases the risk of adversaries gaining physical access to the device

Our Layered Approach Provides Unmatched Physical Data Security

Invisible Data

Data is unreadable at the sector level until accessed by the trusted user with MFA.

Tamper-proof Credentials

Credentials are cryptographically derived, never stored in their final form, and use the maximum length, making them inaccessible to adversaries.

Dual Mode

Protected O/S and data are securely stored in a secret drive that cannot be detected, even when storage is viewed with the BIOS.

Direct Attacks to Compromise FDE and SEDs

Direct Attacks to Compromise FDE and SEDs
01

Weak credentials accessed by probing or using commercially available tools like passware kits

How Cigent differs: Credentials use the maximum length allowed and are cryptographically derived using the user-supplied password

02

Kernel or rootkits attacks alter or manipulate OS allowing encryption keys to be accessed

How Cigent differs: Credentials are never stored in their final form

03

Configuration failures identified utilizing tools like WinHex and R-Studio

How Cigent differs: World experts in advanced data recovery developed secure configurations that address all known configuration failures

04

Advanced methods including brute force attacks, chip off, reverse engineering firmware, x-ray examinations, and chip dumps

How Cigent differs: Data remains unreadable at sector level without Cigent supplied credentials