CyberSense 970x90

Stop Ransomware in Progress with CyberSense

Detect abnormal changes in the data center and stop an attack in progress


Organizations have deployed a diverse set of tools to help detect and prevent cyber-attacks: firewalls to limit access to known users, DLP software to prevent known sensitive and critical information from leaving the corporate network, virus scanners to identify and remove known malware, behavioral analysis tools to detect known malware activity. All good investments. All focused on real-time reactive prevention of attacks when they are happening.

Yet, bad actors persist. They find ways around firewalls.


Index Engines new CyberSense feature is designed to protect organizations against those new attacks. It is based on the concept that while there are an unlimited number of potential attacks that bad actors create, there are only a limited number of things that they will do to your data once they get through your defenses.

The Index Engines strategy is unique. Assuming other software is focused on preventing the attack, Index Engines assumes that software has failed. CyberSense monitors the mission-critical data in your data center, looking for signs of a successful attack. This data can be located on only on your file servers, but also your backup servers. (For CyberSense as part of Dell EMC's Cyber Recovery, go here.)

The implications of adding this additional security layer to your data center are far reaching. If an attack can be detected after the fact, but within a single backup cycle, then recovering from a cyber-attack becomes no different than recovering from any other disaster – just restore the last backup minus the malware.



As of product launch, CyberSense has detected the effect of all known ransomware with greater than 99% accuracy, failing only with false positives, and all within one backup cycle.

Cyber criminals attack mission-critical data. This data can amount to hundreds of terabytes or even petabytes of content. Index Engines unique advantage in the market is speed and scale. Only Index Engines was purpose built to support large scale data environments with efficient and scalable indexing power. Reaching speeds up to 1TB per hour per node, the CyberSense capabilities can easily keep up with data as it changes over time. Our federated, scale out architecture means that you can deploy the solution globally and manage it centrally.

CyberSense can monitor both primary network data stores and backup stores. Our unique, patented ability to scan the contents of backup images at these speeds without needing native backup software means CyberSense can be integrated into your regular disaster recovery procedures. Scanning can begin and a new set of statistics can be generated as soon as the backup completes. If an attack is detected, a selective restoration can be executed that leaves the corrupt and suspicious files behind.