New Reveal tools to investigate and block downloads

Cyber    Carlo Tarantini, June 21 2021

Supercharge investigations against insider risk, cover more avenues of exfiltration, proactively block downloads, and enjoy revised policies.

1 min

Reveal’s new Investigate tool

This new search tool extends Reveal’s data protection into a new dimension – forensics – beyond user education and proactive prevention.

Investigate

Reveal Investigate displays global search results signaling relevant information from numerous event streams generated by user activity, entity data, and Reveal’s sensors and alerts. It also highlights the most pertinent event streams for your search, directing you to threats so you know where to focus your attention.

From the new Investigate page, you can view events from across your organization, access a guided search to uncover threats, and search within and across event streams and related events using common properties. Tooltips and other helpful hints are provided to ease query building.

Browser Download Blocking

See and stop dangerous and unauthorized browser downloads.

By blocking users from downloading malicious executables and scripts, files containing sensitive or prohibited content, files from unauthorized URLs, and more, the latest Reveal update is even more effective in preventing threats or reputational damage and protecting data assets.

Reveal comes with out-of-the-box definitions for sensitive information types. You can use these in-built definitions to create your own custom identifiers for sensitive information or use classification labels provided by Microsoft Information Protection to inspect files in real-time and alert on sensitive content found.

Reveal's new block download feature provides the ability to further protect this information by blocking sensitive documents’ download to prevent data exfiltration. Blocking can be done based on sensitive information found or based on the download location.

The inclusion of additional sensitive content patterns and matching rules in Reveal's Policy Pack 3.0.7 (login required) helps users expand data protection for more sensitive data types to adhere to various compliance regulations or organizational policies.

New security policies and compressed files inspection

Reveal Configurable Policy Templates V3.0.8 (login required) are now available.

Track movement of ZIP files, protect against cryptocurrency scams, and detect tampering of the Reveal Browser Extension with our latest templates and content inspection patterns. This release also includes tighter controls over prohibited web requests, sensitive file downloads, and unauthorized logins.

Zip icon

Malicious users may attempt to exfiltrate large amounts of data inside ZIP files. They may even try to conceal sensitive data inside compressed archives. Reveal’s latest policy updates allow tracking the movement of ZIP files across USB, email, or web for increased visibility.

For full details, refer to the Reveal Configurable Policy Templates Reference Guide (login required).