DG 7.0 brings a complete redesign of the Digital Guardian product architecture for ease of deployment for a broad range of use cases, including data visibility, device control, threat correlation for indicator of compromise detection, and incident response.
Bridging the Gap between Systems Security and Data Protection
The past few years have seen an increasing cadence of massive data breaches impacting businesses – from retailers like Target and Home Depot to online companies like eBay and Zappos, entertainment companies like Sony Pictures and Ubisoft, and healthcare organizations like Community Health Services and, most recently, Anthem. While these breaches varied greatly in size, attack methodology, and impact, they all shared a common target: valuable data.
Many of these breaches followed a common sequence: attackers were able to compromise a specific system, gain access to the victims' networks, and leave with whatever sensitive data they wanted. Clearly there has been a gap here – while system breaches are becoming accepted as inevitable, the loss of sensitive data following a system compromise or breach doesn’t have to be. Yet in breach after breach, attackers have made off with crippling volumes of high-value data.
Digital Guardian 7.0 was born out of this necessity for data-centric security in today’s digital world. By taking a data-centric approach focused on securing sensitive data itself, Digital Guardian 7.0 bridges the gap between systems security and data protection.
Introducing Digital Guardian 7.0
For the past 11 years, Digital Guardian has been on the leading edge of data protection and data loss prevention. This latest release is an extension of our proven capability to protect data from insider threats to now protect systems and data from advanced threats. We’ve taken our behavioral approach to protecting data and applied it to detecting threats in real-time across the attack sequence.
This release also includes a new content server with out-of-the-box rules and policies to deliver instant value to customers. Digital Guardian has the most comprehensive system coverage with agents for Windows, Linux, Mac and Virtual environments. We offer flexible deployment options where customers can host and manage on premise or choose the Managed Security Program or Hybrid Managed Security Program options.
In addition to extending the capabilities of the DG agent, we’ve also made is easier to implement policies based on specific use cases. From a single Digital Guardian Management Console and one endpoint agent, customers have the ability to deploy functionalities for use cases without expensive add-on products or additional endpoint agents. The redesigned product architecture includes:
- Digital Guardian for Visibility and Control enables users to understand exactly where your organization’s sensitive data is and how it’s being used with kernel-level data visibility. It also delivers device control and encryption.
- Digital Guardian for Data Loss Prevention (DLP) adds deeper data visibility and fine-grained control and protection to stop insider threats. It also includes advanced classification by context, content and user with email and file control and encryption.
- Digital Guardian for Advanced Threat Protection (ATP) provides real-time threat protection by following the attack sequence from initial contact through myriad attack stages while offering flexible controls to defend in a manner commensurate to the customers risk tolerance. Furthermore, it enhances the existing security ecosystem with integrations to maximize investments in network solutions, like FireEye, and SIEM technologies, such as Splunk.
Digital Guardian Technical Overview
Understand how the Digital Guardian platform and agent works and its capabilities.
Related ArticlesMastering DFIR: Tools and Processes to Analyze Forensic Data
In this post, the first of two blogs, Tim Bandos helps break down the DFIR tools and processes he uses to carry out investigations.Clearing the Air
Google’s New “No Chrome Browser Injection Policy” Has No Impact on Digital Guardian’s DLP CapabilitiesExpanding Digital Guardian’s Best in Class Data Visibility for Information Security Professionals
Digital Guardian was founded to protect intellectual property on the endpoint from purposeful theft or accidental loss. Since then we have significantly expanded that mission to include cloud inspection, network inspection, EDR, and UEBA, but the deep visibility into system, user and data events continues to be a reason why many organizations deploy Digital Guardian.