Real-time cyber protection solutions are designed to protect from an attack, however, these solutions fail and corporate data is corrupted daily. CyberSense adds a layer of protection to these real-time solutions and finds corruption that occurs when an attack has successfully penetrated the data center. CyberSense also enables recovery to occur quickly so business interruption is avoided.
CyberSense works with data protection software including the Dell EMC Cyber Recovery Vault and IBM's Cyber Resiliency offering and analyzes data in backups to identify files and databases that have been corrupted by ransomware. CyberSense utilizes a combination of full-content-based analytics and machine learning to detect when an attack has occurred.
CyberSense analytics are indicative of all common attack vectors including entropy changes, known ransomware extensions, data corruption and deletion, and over 100 other statistics. Machine learning automates the process of analyzing CyberSense’s statistics to send an alert when data corruption is detected.
When an attack does occur CyberSense provides forensic tools to diagnose and recover. This includes reports on files that were impacted so they can be replaced with the last know good version.