Real-time cyber protection solutions are designed to protect from an attack. However, these solutions are not 100% effective and corporate data is corrupted daily. CyberSense adds a layer of protection to these real time solutions and finds corruption that occurs when an attack has successfully penetrated the data center. CyberSense also enables recovery to occur quickly so business interruption is avoided.
CyberSense works with data protection software and analyzes data in backups to identify files and databases that have been unknowingly corrupted by ransomware. CyberSense utilizes a combination of full-content-based analytics and machine learning to detect if an attack has occurred. CyberSense analytics are indicative of all common attack vectors including entropy changes, known ransomware extensions, data corruption and deletion, and over 100 other statistics. Machine learning analyzes CyberSense’s statistics and to determine if data corruption has already occurred.
Post attack, CyberSense provides forensic tools to diagnose and recover. This includes reports on files that were impacted so they can be replaced with the last know good version, the type of attack vector, and with analysis of event logs the specific users accounts and executables or malware that performed the attack. CyberSense analytics, machine learning and forensic tools deliver the knowledge you need to quickly detect and recover from cyberattacks.