Data Theft

The cloud service includes the following data theft policies. The rules for these policies are:
  • Common password information
    Searches for outbound passwords in plain text.
    • Common passwords information
    • Common passwords information (Wide)
    • Common passwords information (Narrow)
  • Encrypted files - known format
    Searches for outbound transactions comprising common encrypted file formats. The rule for this policy is:
    • Encrypted files (known format)
  • Encrypted file: encrypted data of unknown format
    Policy for detection of encrypted files of unknown format. The rule in this policy is:
    • Encrypted file: encrypted data of unknown format
  • IT asset information
    Searches for suspicious outbound transactions, such as those containing information about the network, credit card magnetic tracks, and database files. Rules in this policy include:
    • Suspicious content
    • Suspicious content (Narrow)
    • Suspicious content (Wide)
  • Malware communication

    Identifies traffic that is thought to be malware “phoning home” or attempting to steal information. Detection is based on the analysis of traffic patterns from known infected machines. Rules in this policy include:

    • Malware communication (Default)
    • Malware communication (Narrow)
  • Password files

    Searches for outbound password files, such as a SAM database and UNIX / Linux passwords files. Rules in this policy include:

    • Password Files: Shadow Files
    • Password Files: Shadow Files (Wide)
    • Password Files: Password Files
    • Password Files: Password Files (Wide)
    • Password Files: SAM files
    • Password Files: General files