Castle Building and Cybersecurity

Castles are cool. Back in their day they were what every smart ruler needed to protect their people and their land. But times changed, warfare changed too, and soon static defenses like the castle were no longer effective.

In cybersecurity, we've been building castles around our networks for years. We surround our data and our vital business information with firewalls and towers of SIEM, IDS, and IPS. We create bastions of defense in depth meant to keep the bad guys out and the good guys (and their data) safe.

But no organization runs well if you're constantly trying to lock everyone and everything out.

If your cybersecurity is your castle, then your business is your kingdom - and no kingdom thrives when it's under siege. With traditional cybersecurity solutions, the focus is on keeping bad guys out - at any cost. So we put guards on the walls to keep track of all the traffic coming and going through our fortifications. These guards check and report on each visitor so that when something or someone suspicious is found, they can sound off and call for help.

Here's the problem: you can never afford enough guards, and eventually, a bad guy is going to get in anyway. When that happens, all of your walls and all of your guards mean nothing. That giant castle you've built around your enterprise? It might as well have been made out of sand.

Stop building sandcastles.

So shift the paradigm. Guard your data, but guard it our way. enSilo understands your data, and understands that it needs to move through your network and be shared with others. We just make sure that it doesn't leave your network or get encrypted and put up for ransom.

What enSilo does is look at one of the most common pieces of your entire business infrastructure: the endpoint. The endpoint is where the operating system lives - and inside the operating system - we're king (or queen - your choice!).

When bad guys come to call on a castle protected by enSilo, they encounter a completely different kind of security. enSilo protects against the consequences of a successful attack. Here's how it works: enSilo Collectors running on each endpoint quietly monitor the operating system and gather OS metadata on running processes.

When a process tries to communicate outside of the local system or tries to manipulate files, the Collector passes the request over to the enSilo Core. The Core can - in real time - determine whether the request is malicious. If it's malicious, it simply stops the action.

Note - we said stop - not just alert. You don't need any more alerts. With enSilo we protect first - then we let you know about it. You'll get a single alert for each valid attack we prevent, and we include detailed information about how to fully remediate the threat. Best of all, your people don't have to stop working. enSilo protects against data loss and malicious encryption even when the endpoint is infected with advanced malware.

Neat, right? It gets better. Because we work on the OS level, enSilo is agnostic about pretty much everything: applications, protocols, even the data itself.

 

“First, stop the exfiltration of data, and then stop the lateral movement
of the adversaries. Then, stop the data collection and try to limit the
capabilities for them to be able to fool your domain admin.”

What Does the Ideal Security Solution Look Like

PREVENTIVE

Stop the consequences of the attack and you solve the most important problem.

ACCURATE

Pinpoint the exact problem and remove false positives by only stopping the malicious data-related activity.

REAL-TIME

Stop the data theft or tampering before it starts without negatively impacting user experience.

AUTONOMOUS

enSilo runs independently of other solutions but complements other applications in the stack.