DLP (Data Loss Protection) Solution
Data Loss Protection
Companies are under persistent threat of leaks of valuable data such as intellectual property (IP), personally identifiable information (PII), etc., from outside the company network and insiders. Advanced DLP tools prevent a user from sensitive information based on file contents. Such files can be hundreds of different formats, e.g., word, excel, zip, etc. However, such tools are not built to provide contextual information for forensic investigation in case of an unfortunate case of a data leak. Avalanchio provides this insight by gathering information from various data sources.
DLP Solution
Avalanchio agent software collects data generated by user activities from various endpoints in near real-time. Then it parses the data to generate standard data models by each functionalities to analyze any potential data loss or generates a trace of events that leads to a data loss situation.
Data Sources
- File storage logs
- S3 logs
- SAN logs
- Digital Guardian Agent
- Symantec DLP Agent
- MacAfee DLP agent
Input Data
- Access logs
- File copy
- CD/DVD burn
- Network transfer
- Uploads
- Send Mail
- Removable media usage (USB, SD card)
Solution Deliverables
- Common data model for DLP
- Live reports and dashboard
- Data egress (data exfiltration) to Third party websites Suspicious network target Removable media Suspicious domain
- Unknown asset
- Abnormal data transfers (threshold based)
- Suspicious file transfer (e.g. visio, pst, source code)
- Transfer to non-DNS domain (whitelists)
- Link Analysis
- Timeline View