Intellectual Property - Trade Secrets

Owned by David Ruel (Unlicensed)
Last updated: Jul 28, 2016

Main Help Menu

Company Profile

Fortune 500 Chemical Company

Problem

Company has seen increased cyber activity and has discovered evidence that malicious threat actors are targeting their sensitive data.  Company believes that their intellectual property and company trade secrets are well protected on a file share with limited access and limited visibility to only the engineering department. 


Solution

Heureka's endpoint service is installed on 25 laptops from various departments and pointed at a 2Tb slice of the file share that spanned several departments.  Interrogate was populated with specific keywords in order to surgically target intellectual property files. Interrogate quickly reported that 24 of 25 machines tested positive for sensitive data and almost every department included in the file share tested positive. Company used Interrogate reports to discover gaps in security and tighten defenses. 


Interrogate Workflow (User Defined)

For this use case you would utilize the keyword search function in order to target specific information on each endpoint.

Interrogate's search feature allows you to define both endpoints and specific keywords on which to search. In this example, a keyword text list has been created with specific keywords related to company IP.

  1. Create a Job and Search in Interrogate.
  2. Select the desired endpoints you would like to search.
  3. For this use case, we will import a keyword text file that was created outside of Interrogate into a group we have created. Our keyword group name is "IP Keywords".
  4. Select "Add Keywords" from your group edit and browse to your externally created keyword list. Select "Upload" and "Save Group" to save your keywords to the group.
  5. Select "Search" and input name.

Analyze

Once the endpoint(s) begin to stream results back to your search result page, you will  see file-level information such as File Name, Risk Score, Tags, File Path, etc, in the Grid Results area.

Take Action

You may export your returned results using the "Export to CSV" function. This flat-file CSV can then be imported to any desired analytics program for further analysis. If you are required to collect the files to a new location, use the "Collect Files" function.