TAG Blog Series 2 – How ADX is Integrated into the Enterprise

Dr. EDWARD AMOROSO, FOUNDER & CEO, TAG

This series of blogs developed by TAG Infosphere highlights a powerful new cybersecurity solution known as Anti Data Exfiltration (ADX) which provides on-device data security and threat protection. Commercial vendor BlackFog pioneered ADX which is shown to effectively stop cyberattacks such as ransomware, spyware, malware, and phishing.

No cybersecurity solution can work in isolation, so the integration of any ADX deployment into the enterprise is an important consideration. Since ADX focuses on prevention and the shift-left paradigm, it provides significant synergies with existing technologies that focus on detection and response and makes them more effective. By giving other tools more time to react, the entire solution becomes greater than the sum of its parts.

In this article, we review how the commercial ADX solution from BlackFog for enterprise customers works in the context of device risk posed in the typical business environment. The ransomware problem that exists for most enterprise is used to illustrate the product in action. We also review how their solution supports the growing needs of the modern managed security service provider.

The BlackFog Enterprise product is a comprehensive solution designed to implement ADX for enterprise buyers. At the heart of BlackFog Enterprise is its on-device agent, which goes beyond traditional antivirus and Endpoint Detection and Response (EDR) solutions. As explained above, ADX focuses on preventing unauthorized data from leaving devices, a critical aspect in modern cybersecurity.

This commercial solution works by monitoring data exfiltration from any network to ensure data security and regulatory compliance. The product offers a proactive approach to cybersecurity, using AI based algorithms to identify unusual behavior and the unauthorized removal of data from devices and networks.

The product emphasizes on-device data privacy and security. It protects endpoint devices by investigating outgoing data on endpoint devices, providing a more streamlined and less intrusive approach than traditional methods like firewalls or Data Loss Prevention (DLP). This makes it effective even for mobile devices and remote work environments, securing data directly on the devices without relying solely on network-based protections.

Unlike most enterprise solutions which aim to restore and recover after an attack, BlackFog addresses ransomware by focusing on prevention. Certainly, no organization should ignore the importance of having shift-right controls to deal with the outages and disruptions that come with a ransomware attack, but this should not become the primary goal of a comprehensive security posture.

It is important to understand that ransomware typically has two objectives. The first and most well- known involves essentially freezing the ability of an organization to operate due to encrypted files. While less prevalent than in the early days of ransomware, it still occurs with some ransomware variants, which increasingly resemble nation-state advanced persistent threats. ADX is effective in reducing this risk.

The second objective of many ransomware campaigns involves real data theft. Such data exfiltration occurs in approximately 92% of all attacks. While less well-known by many business leaders, it has become the main challenge in fighting new threats. With most ransomware gangs now utilizing AI to both target and create new threat vectors, the stakes have never been higher. ADX specifically targets these zero-day exploits and data exfiltration directly at the source, and on the device itself.

Increasingly, businesses are relying on their managed service providers (MSPs) to deliver an extended range of security services. This is particularly true down-market for smaller companies who might not have a large staff of IT and security support staff to tend to the day-to-day needs of the organization. Managed services are a powerful option here – and BlackFog partners with the best MSPs to provide such coverage.

More recently, we’ve seen at TAG a shift from just smaller companies using MSPs for cybersecurity toward mid-sized and even much larger companies outsourcing security protection. Since the BlackFog ADX solution is preventive, we believe it is especially well-suited to larger organizations using MSPs for augmented security. Interested readers should contact BlackFog (see ling below) to learn more of its MSP partnerships.

Click here for more information on the specifics and technical details of how BlackFog helps enterprise teams implement and enforce security policies using ADX.

BlackFog is the leader in on-device data privacy, data security and ransomware prevention. Its behavioral analysis and anti data exfiltration (ADX) technology stops hackers before they even get started. The company’s cyberthreat prevention software prevents ransomware, spyware, malware, phishing, unauthorized data collection and profiling and mitigates the risks associated with data breaches and insider threats. BlackFog blocks threats across mobile and desktop endpoints, protecting organizations data and privacy, and strengthening regulatory compliance.

TAG is a trusted next generation research and advisory company that utilizes an AI-powered SaaS platform to provide on demand insights, guidance, and recommendations to enterprise teams, government agencies, and commercial vendors in cybersecurity, artificial intelligence, and climate science.

Copyright © 2024 TAG Infosphere, Inc. This report may not be reproduced, distributed, or shared without TAG Infosphere’s written permission. The material in this report is comprised of the opinions of the TAG Infosphere analysts and is not to be interpreted as consisting of factual assertions. All warranties regarding the correctness, usefulness, accuracy, or completeness of this report are disclaimed herein.