Supported platform version:
The Financial Data Leak App is designed to orchestrate and optimize the organization’s security tools to conduct detection, investigation and mitigation operations against targeted intrusion attempts and personally identifiable information leaks (including credit card numbers, social security numbers and more). The Financial Data Leak App detects different reconnaissance techniques, data gathering methods and financial oriented malwares (e.g. POS memory scrapers).
Financial data leak attacks are highly planned, targeted, multi-stage attacks. The Financial Data Leak App identifies different high-skilled intrusion methods, using the platform’s Network Behavior Analysis, Intrusion Detection Systems and reputation services. The App investigates further steps of the attack such as Active Directory and SQL querying, associated with information gathering, as well as indications of malware, through anti-malware platforms, that are known to be part of financial data leak campaigns. The App uses the platform’s mitigation service to disable malicious communication including C2 and abnormal data transfers - all in order to break the chain of attack.