ADX or Anti Data Exfiltration is a technique used to prevent unauthorized data leaving your device.
Pioneered by BlackFog as a technique to protect data privacy on any computing device, it has been used successfully as a cyber security tool to stop ransomware attacks around the world. By targeting multiple parts of the kill chain it is able to block the activation and spread of cyber attacks. Since cyber attacks, especially ransomware focuses on data theft to extort payment this has become an important technique to thwart modern polymorphic attacks that cannot be stopped by traditional anti virus solutions.
An organization’s data is its most valuable asset, and all cyberattacks work by exfiltrating unauthorized data in some way.
The problem is not one that a series of data-centric policies can resolve. Instead, organizations have begun to take a more holistic approach to preventing the exfiltration of sensitive data.
Simply infiltrating a network or a device does not make a successful cyberattack. The attack is only successful if sensitive data is stolen from the network. Without data exfiltration, there is no data loss, no data breach, and no data ransom or extortion.
ADX works by investigating outgoing data on endpoint devices. This gives it a markedly smaller footprint than other solutions, such as firewalls or DLP, which examines incoming and outgoing traffic at the edge of the network. ADX solutions are lightweight enough to run on mobile devices and do not need to work on the corporate network.
Instead of comparing traffic to a dictionary of attack signatures, ADX solutions use behavioral analytics to identify unusual behaviors on a user-centric basis. ADX limits the ability for users – including privileged users and administrators – to send sensitive data outside the network.