Startup Focuses On Stopping Data Exfiltration

Former Akamai and Imperva exec heads up new security firm enSilo, launches an operating system-level endpoint security tool.

Now that most businesses are resigned to the fact that they cant stop the bad guys from getting in, the focus increasingly is on how to stop them from taking any data out. A new startup emerging from stealth today is rolling out a next-generation endpoint tool for catching malware and preventing the bad guys from stealing information.
Security firm enSilo, based in Israel, today officially launched and introduced a real-time endpoint security tool for preventing the exfiltration of data by attackers. In a nutshell, it looks for malicious connection attempts from the machine to the outside, and shuts them down so intruders cant take anything with them on the way out. enSilos product virtually patches against the attack.
It sits in the operating system in the form of a small footprint agent, and uses a whitelisting-type approach to catching malicious activity, says enSilo CEO Roy Katmor, who previously headed up Akamai’s security strategy, and prior to that managed Impervas data security products and architecture management. If youre a targeted attack and trying to work on a corporate device, youre going to make a foul. We know how to spot the fouls, Katmor says.
The biggest advantage of sitting in the OS is we are agnostic to protocols, Katmor says. enSilo is a black box.
What enSilo does not do is catch the actual successful infiltration or attack. Its all about tripping up the bad guys when they try to remove data.
[Determined cybercriminals and cyberspies will find their way to the data they want, but there are ways to trip them up as they try to make their way out. Read
Operation Stop the Exfiltration
.]
David Monahan, research director for security and risk management at Enterprise Management Associates, says whats unique about enSilos approach is that it looks or the moment the malware attempts to communicate to its external systems. They have identified that malware does not like to follow the standard conventions when it comes to making its communications. It tries any number of things to bypass the normal channels to avoid being restricted or identified by the OS, Monahan says. At that point it [enSilo] stops the communication attempt, Monahan says.
Because this process operates at the kernel level, he says, its difficult for an attack to cheat it or bypass it. enSilo has both a cloud- and local server option that can be integrated with perimeter security tools to block the types of behaviors it catches, he notes.
With the days of stopping attacks at the door long gone for the most part--especially given increasingly advanced and persistent attacks--security strategies are shifting to making it harder for the bad guys to do damage once theyve gotten inside. That means putting up hurdles for their exfiltration phase.
In addition to its platform for preventing exfiltration, enSilo also plans to add a next-generation firewall that monitors communications to all applications and stops any malicious ones.
The first generation of enSilo products include an agent gateway, a cloud gateway, a Windows 7/8/XP agent, endpoint distribution via LDAP, SIEM integration and a software management server. Next month, enSilo will add endpoint distribution with Symantec and McAfee software, out-of-line gateway support, next-gen firewall support, and a new management server.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Startup Focuses On Stopping Data Exfiltration