Data Theft
The cloud service includes the following data theft policies. The rules for these policies are:
- Common password informationSearches for outbound passwords in plain text.
- Common passwords information
- Common passwords information (Wide)
- Common passwords information (Narrow)
- Encrypted files - known formatSearches for outbound transactions comprising common encrypted file formats. The rule for this policy is:
- Encrypted files (known format)
- Encrypted file: encrypted data of unknown formatPolicy for detection of encrypted files of unknown format. The rule in this policy is:
- Encrypted file: encrypted data of unknown format
- IT asset informationSearches for suspicious outbound transactions, such as those containing information about the network, credit card magnetic tracks, and database files. Rules in this policy include:
- Suspicious content
- Suspicious content (Narrow)
- Suspicious content (Wide)
- Malware communication
Identifies traffic that is thought to be malware “phoning home” or attempting to steal information. Detection is based on the analysis of traffic patterns from known infected machines. Rules in this policy include:
- Malware communication (Default)
- Malware communication (Narrow)
- Password files
Searches for outbound password files, such as a SAM database and UNIX / Linux passwords files. Rules in this policy include:
- Password Files: Shadow Files
- Password Files: Shadow Files (Wide)
- Password Files: Password Files
- Password Files: Password Files (Wide)
- Password Files: SAM files
- Password Files: General files