Cyberhaven Unveils Full Context Blocking
Innovative Data Detection and Response (DDR) Platform Provides Security Teams with Breakthrough Visibility and Control Over All High-Value Enterprise Data
PALO ALTO, Calif. , July 12, 2021 — Cyberhaven, inventor of the industry’s first Data Detection and Response (DDR) platform, announces the availability of new in-line blocking and adaptive response capabilities to transform how organizations protect their data from IP theft and insider threats. As the only solution to apply real-time policy enforcement based on the full lineage and enterprise context of data, Cyberhaven enables security teams to protect any type of data and mitigate risks that were never possible with traditional DLP and CASB tools. Cyberhaven’s Full Context Blocking can prevent exfiltration or misuse of sensitive, high-value data with unprecedented accuracy without the need for complex rules and tagging.
“The addition of comprehensive blocking capabilities to our platform extends Cyberhaven’s mission to modernize the data protection category and replace obsolete DLP products,” said Howard Ting, CEO, Cyberhaven. “Despite being a staple in the data security tech stack, DLP products today do nothing more than create pain for security teams and friction for users. Our DDR platform sets the new standard for data protection that is comprehensive, accurate, easy to implement, and mitigates data risk in the common workflows that define modern digital businesses.”
Cyberhaven’s latest features enable real-time enforcement policies based on the full context and history of data. Teams can automatically identify and control high-value data, ensuring that policies follow data even as it is modified, copied and shared across the enterprise. The platform’s blocking capabilities extend even further, preventing risky data sharing to personal cloud storage and encrypted messaging applications as well as local USB media.
Since Cyberhaven’s DDR platform operates well beyond content patterns or binary block/allow functionality like most DLP tools, it can better protect all sensitive enterprise data, whether in-use, in-motion or at-rest, even in locations that were unknown to the security team and regardless of any user evasion tactics. By mapping a complete lineage of data’s movement from inception, organizations have the visibility and control necessary to ensure security policies protect any type of data — even if encrypted — without the need to tag or pre-process it. This visibility and control helps further minimize the risks of data sprawl without sacrificing users’ ability to create, collaborate and maintain privacy.
“False positives have been the gating factor for our data protection policies and every one of them makes users angry and creates extra work for our team,” said Lance Wright, VP Information Security and Privacy, Bazaarvoice. “Cyberhaven has changed that completely with blocking that is accurate and reliable, and we have a built-in trace of every event so we can validate each decision.”
In the past, organizations have been apprehensive about using DLP data blocking features out of a concern for disrupting productivity and work. DLP regular expressions are highly prone to false positives, while policies from DLP products are often seen as one-sided decrees lacking the fluidity and complexity to truly accommodate the needs of dynamic digital organizations. Conversely, end-users perceive traditional DLP blocking as invasive and disruptive, primarily when used as a means of enforcing newly introduced or previously unknown security policies. Cyberhaven’s blocking methodology remedies those issues by calling upon contextual information, such as provenance, app, user, and content, to enforce policies without frustrating users and overwhelming security teams with false positives from outdated signature models.
For more information about Cyberhaven and its DDR capabilities, please visit: https://www.cyberhaven.com/data-detection-and-response.
Cyberhaven is the data security company revolutionizing how companies protect their most important information from theft and misuse. Until now, security products only recognized and protected a limited range of data types because they relied on finding patterns in the content itself. Our data tracing technology analyzes billions of events surrounding every piece of data to better understand and classify it, allowing for protection of a much broader range of sensitive data in any form, anywhere it goes.