Digital Guardian Add-On Modules

Enhance and Extend Your Data Protection Program

Digital Guardian add-on modules enhance and extend your data classification, incident investigation and advanced threat protection capabilities.

User Driven Classification Module

Digital Guardian’s User Classification module – powered by Boldon James - complements DG’s automated data classification methods by allowing users to classify data manually. Empowering data owners to accurately identify their sensitive data can deliver a more effective approach to classifying data than using automated methods alone.

Digital Guardian policies can enhance user classification-driven classification by offering real-time prompts to check and train users to identify data correctly. Combining content, context, and user-enabled classification rules allows an agent’s automated assessment to check a user’s manual assessment to resolve conflicting tags for reporting and policy enforcement.

Investigation Module

The Investigation Module extends Digital Guardian’s data event recording capabilities to include advanced evidence like screen capture images, file content and key logs. The additional forensic information captured by the Investigation Module is then preserved and correlated with other event metadata and Alerts logged by endpoint agents to provide investigators with greater incident context and guide them quickly to artifacts of highest interest.

The Investigation Module, configured in the Digital Guardian Management Console can be deployed for a specific individual or group of individuals whom an organization is actively investigating. The module allows investigators to record additional evidence and securely retain a complete series of activities on a user’s system before, during and after incidents or events of interest occur.

Policies are user-aware so any physical or virtual machine where the module is operational will “know” to begin recording activities as necessary when a specified employee logs in, eliminating any risk of lost evidence if multiple machines are used to perform actions against policy.

Memory Forensics Module

The Memory Forensics Module extends the advanced threats defense capabilities of the DG agent by analyzing code in memory to reveal malware, risky applications, and other advanced threats.

This module:

  • Forensically scans a snapshot of endpoint memory and uses Digital DNA® to rate threat severity of executable code in memory - without relying on signatures
  • Provides actionable alerts and points directly to the implicated processes
  • Enables forensics based investigation of anomalous behavior detected by the DG core agent
  • Assigns a machine risk score that can be used by the DG agent to enforce adaptive rules
  • Memory evidence can be preserved and retrieved via the DG Management Console

Digital Guardian Technical Overview

Learn how Digital Guardian’s advanced technology works to secure your sensitive data regardless of the threat.

Download now

Active Defense ™

Powered by Digital DNA®

Learn how Digital Guardian can help Security Analysts proactively detect advanced malware in-memory

Get the Datasheet
Free Trial 2017 Gartner DLP MQ Contact Us