- By Industry
- By Use Case
Digital Guardian add-on modules enhance and extend your data classification, incident investigation and advanced threat protection capabilities.
User Driven Classification Module
Digital Guardian’s User Classification module – powered by Boldon James - complements DG’s automated data classification methods by allowing users to classify data manually. Empowering data owners to accurately identify their sensitive data can deliver a more effective approach to classifying data than using automated methods alone.
Digital Guardian policies can enhance user classification-driven classification by offering real-time prompts to check and train users to identify data correctly. Combining content, context, and user-enabled classification rules allows an agent’s automated assessment to check a user’s manual assessment to resolve conflicting tags for reporting and policy enforcement.
The Investigation Module extends Digital Guardian’s data event recording capabilities to include advanced evidence like screen capture images, file content and key logs. The additional forensic information captured by the Investigation Module is then preserved and correlated with other event metadata and Alerts logged by endpoint agents to provide investigators with greater incident context and guide them quickly to artifacts of highest interest.
The Investigation Module, configured in the Digital Guardian Management Console can be deployed for a specific individual or group of individuals whom an organization is actively investigating. The module allows investigators to record additional evidence and securely retain a complete series of activities on a user’s system before, during and after incidents or events of interest occur.
Policies are user-aware so any physical or virtual machine where the module is operational will “know” to begin recording activities as necessary when a specified employee logs in, eliminating any risk of lost evidence if multiple machines are used to perform actions against policy.
Memory Forensics Module
The Memory Forensics Module extends the advanced threats defense capabilities of the DG agent by analyzing code in memory to reveal malware, risky applications, and other advanced threats.
- Forensically scans a snapshot of endpoint memory and uses Digital DNA® to rate threat severity of executable code in memory - without relying on signatures
- Provides actionable alerts and points directly to the implicated processes
- Enables forensics based investigation of anomalous behavior detected by the DG core agent
- Assigns a machine risk score that can be used by the DG agent to enforce adaptive rules
- Memory evidence can be preserved and retrieved via the DG Management Console
Digital Guardian Technical Overview
Learn how Digital Guardian’s advanced technology works to secure your sensitive data regardless of the threat.