Bitglass, the Total Data Protection company, today announced Bitglass Breach Discovery, a service that dynamically analyzes an enterprise’s risk of network data breach by identifying high-risk outbound data flows from the corporate network. Breach Discovery is part of the Bitglass Total Data Protection Suite, which protects corporate data on the network, in the cloud, at access and on mobile devices. The Bitglass Breach Discovery service is a cloud-based automated engine that analyzes firewall logs against a continually updated risk intelligence database to identify exfiltration to high-risk locations outside the firewall including malware, targeted threats, cloaked destinations, zero-day attacks, insider threats, shadow IT and more. breach Traditional breach prevention solutions are focused on blocking network or malware intrusion by inspecting inbound traffic. Such solutions are deployed as inline appliances at the firewall. Sophisticated hackers are able to get past such intrusion detection appliances via a variety of ways including stolen passwords, trojans on mobile devices and laptops, targeted pfishing attacks etc. Once inside the network, the hacker exfiltrates sensitive data to a remote network location or file-sharing application through the corporate firewall, and is often undetected for months. Recent data breaches at Sony, JPMorgan, Home Depot, Target and others occurred despite significant investment in breach prevention technologies, and the hacker was able to export sensitive data over long periods of time entirely undetected.
“The Bitglass Breach Discovery service is valuable to any enterprise concerned with breach risks, especially since it requires no additional software or hardware to install and manage," said Marc Hamer, CIO of Babcock and Wilcox.
One enterprise that beta-tested the new service was immediately surprised by what they found – first, a Linux server with access to source code repositories was exfiltrating sensitive data via seemingly benign clock synchronization events to a cloaked destination; second, a salesperson’s company-issued laptop was indirectly accessing a confirmed malware host via a benign URL. These two ongoing breaches were uncovered despite the comprehensive security investments the company had made.
“Data Breaches are the first topic of discussion for the CIO in any board room,” said Zahid Afzal, COO of Capital Bank. “The Bitglass Breach Discovery Service adds a new weapon to limit the damage.”
Enterprises simply feed logs to the Breach Discovery service and receive reports carrying ranked alerts with drill-downs by various parameters to assist in remediation of the breach. In contrast, traditional on-premise log analytics and SIEM solutions require substantial investments in hardware, software and personnel to install and maintain, with additional manpower and risk intelligence to interpret and investigate a firehouse of unranked alerts.
“Data breaches in retail, healthcare, financial services, and other industries cause considerable economic damage, costing jobs, reputations and financial losses,” said Nat Kausik, CEO of Bitglass. “Our mission is to protect corporate data outside the firewall and an important part of the mission is to analyze the data that is leaving the firewall. Bitglass Breach Discovery service enables corporate IT professionals to discover breaches before it is too late.”