Overview
Data is growing faster than your perimeter and policies can’t keep up with the usage. Data is also constantly transposed by business processes across multiple silos. A cross-silo policy management creates visibility to any breaches, regardless of where they take place.
Each data transaction is unique and contains the forensic assets required to build a data-centric view of your business. With the Datiphy solution, every end-to-end transaction is processed and all events recorded. By focusing on the complete transaction, data activities and the full context in which they occur are captured.
With Datiphy, all assets are extracted in each data transaction, billions of times per day. By analyzing the entire pool, baselines are established and false alarms are eliminated. By automating the harvesting of these key building blocks, the strongest data-centric audit and protection posture possible is created.
Assets are indexed upon extraction and compared to every asset ever witnessed. Changes, including methods and behaviors, are detected immediately and relationships linked. Automated indexing allows users to easily search for any event in plain English and retrieve it instantly.
The Datiphy platform fills the gaps that exist between point solution tools and glues them together to visualize your entire data lifecycle. Policy and behavior tools are usually configured by gut feel, educated guess and rule of thumb methods which lead to a noisy solution riddled with false alarms.
Because Datiphy is auditing every data transaction, accuracy is provided by the scientific certainty of analyzing the entire pool. Analytics can be exported as feeds to other security tools; ensuring their policies are based upon fact and not methods that produce false alarms. Relationships & behaviors among assets are visualized with the same level of accuracy. Select any data asset and you will see every interaction that has occurred among all other assets within seconds.
WOULD YOU LIKE TO SEE WHERE YOUR DATA IS AND WHO IS LOOKING AT IT?
Features
Compliance. Visualized
Datiphy captures the complete forensics of every phase of your database lifecycle for compliance. From the moment new data is created until it is deleted, you will have visibility to every activity and who has been accessing it.
Data leaked by lookers. Captured
The pool of people who can read data is much larger than the pool of those that can write. DLP tools focus on the transport of sensitive data, not the observance. Datiphy sees those that accidentally or maliciously take a look at sensitive data, regardless of whether they take it or change it.
Compliance factors. Sequenced
The Datiphy data asset management process constantly sequences. The key building blocks for maintaining compliance. If an auditor asks for a random report, don’t worry. Datiphy extracts and indexes every data asset, regardless of whether or not you previously set a policy or action. Reporting details is simple and fast for internal and external audits.
Audit request list. Easy
Datiphy provides the fastest and most robust data forensics available. Because every data transaction is processed by the asset extraction and indexing engines, searching and reporting the who, what, when, where, and how for any event or data asset is a breeze.
Accident or not. Proven
Sometimes things happen by accident and people don’t even know they did anything wrong. Other times claimed ignorance is a cover for a disgruntled employee. With Datiphy you can go straight to the event to see what happened, the method used, and take the appropriate steps to resolve the matter quickly.
Policies across silos. Anywher
What works on premise, may not work in the cloud. Datiphy users build and manage data-centric security policies to coordinate management processes and security controls across data silos. Because the focus is on the data, Datiphy policies apply regardless of their location.
Data assesment. Confirmed
When a breach is discovered finding exactly what has been stolen takes weeks to confirm. Datiphy reveals facts and activities from the data’s perspective. Users see the moment a breach begins and know with certainty what, if anything, has been compromised.
Alert verification. Expedited
Generic and uncorrelated alerts, combined with a manual verification process, are a recipe for disaster. Datiphy produces alerts based upon scientific fact. Users investigate alerts with the complete forensic detail at their fingertips, improving their Mean Time to Verification and limiting the damage.
Relevant detail. Now
When systems are overloaded with alerts, threats can go uninvestigated. With the Datiphy indexing engine working for you, responding to alerts with relevant detail in real-time enables teams to validate threats rapidly.
Relationships & behavior. Data DNA™
Datiphy extracts and indexes data assets from every transaction billions of times per day, then builds scientific relationships among the assets and baselines their behavior. Any change in behavior or method is sensed immediately and false alarms are eliminated. Get the facts from your data and see everything.™
Logs & threat intelligence. Merged
The problem with log data is it is overwhelming and lacks relevance. The problem with threat intelligence is it lacks detailed actions to take. Datiphy bridges the gap, giving log data intelligent context and making threat intelligence actionable. Users gain unparalleled data-centric context needed to help detect targeted, dynamic, and stealthy attack methods.
Every detail. Recorded
Datiphy is the data transaction version of an airline flight recorder. Detailed forensics, indexed in real time, allow you to see your sensitive data in action as it flows in and out of the enterprise. When an event happens, Datiphy has already recorded the details and taken policy action regardless of data silos.
Replay any event. Safely
Users can replay any event safely to study the attack method or build alerts/actions/policies to be deployed on any other tools. This feature can also be used for “what if” scenarios to test and verify before deploying into the production environment.
Control anything. Instantly
Datiphy indexes the assets of every data transaction as it occurs, making events easy to find and the forensics behind them instantly available. However, the Datiphy command center is more than a search box. The command center allows the user to quickly move within all areas of the platform, to view real time activities such as top talkers, policy violations and report generation among others.
Response times. Improved
The Datiphy indexing engine provides instant access to critical alert forensics. With just the facts and nothing false to distract you, Mean Time to Response is measured in minutes not days. The faster you investigate, the less damage the attack can cause.
Relationships context. Understood
Many tools will provide a glimpse into your data assets, but can’t see the complete story. With Datiphy, not only will you see the relationships among the data assets, but you will have the complete context in which those assets interact.
Suspicious behaviours. Detected
Improve your Mean Time to Resolution by discovering compromises as they happen and seeing the relationships among all similar suspicious behavior. Stopping the attack is only part of the job; with detailed behavioral context at your fingertips, ensuring it cannot happen again finishes the job.
Data in action, resting, in transit. Traced
Correlating data activities is a continuous task performed by Datiphy. As each asset is automatically profiled, relationships among other assets are identified and linked. The ability to see every method, behavior and relationship associated with any asset is delivered in seconds.
Every user. Identified
The patented user mapping technology of Datiphy will identify real users and map their actions from the initial HTTP request through the backend database response. The behavioral engine will track every move they make to build a profile with anything they access. Even when stolen credentials are used and everything appears normal, Datiphy will detect the difference in method or behavior.
Scheduled & instant reports. Customized
Report Builder generates both scheduled and instant reports with as much detail as you want to select. Administrators can customize as desired, providing internal and external analytic reports quickly.
Deployments
Agent Based Deployment
This Datiphy installation is ideal for organizations that have databases that require monitoring but do not have any typical access ports (SPAN or TAP) available. The Datiphy Host Agent is installed on database servers and relays traffic-of-interest to the Datiphy Enterprise Engine and Network Agent. Suitable for any sized organization’s monitoring needs, this scenario offers all of the Datiphy compliance, forensics, security and behavioral analysis capabilities for a complete monitoring solution.
Network Deployment
This all-in-one Datiphy installation is intended for both complex and simple infrastructures provided that a usable packet sniffer, a TAP (Test Access Port), or a SPAN port is available to retrieve the traffic of interest. Suitable for either SMB or Enterprise infrastructure, this scenario offers all of the Datiphy compliance, forensics, security and behavioral analysis capabilities for a complete monitoring solution.
Hybrid Deployment (Network & Agent)
Ideal for complex on-premise infrastructure, this scenario offers IT professionals the option of utilizing access ports (SPAN, TAP, or Packet Sniffer) or Datiphy Host Agents to collect database transactions. This deployment is best for large organizations and data centers that require flexibility when installing the Datiphy compliance, forensics, security and behavioral analysis capabilities into infrastructure for a complete monitoring solution.
