SYSTEMS AND METHODS FOR IDENTIFYING POTENTIAL MISUSE OR EXFILTRATION OF DATA

摘要

Provided herein are systems and methods for preventing or controlling data movement. A learning engine may detect capabilities of a computing environment for allowing data access or transfer, and activities relating to data access or transfer from the computing environment. Data assets of the computing environment that are protected may be identified, according to metadata of the data assets. The learning engine may, according to the identified data assets and at least one of the detected capabilities or activities, determine a situation within the computing environment that represents potential or actual exfiltration of one of the identified data assets. A rule engine may perform an action to prevent or control the potential or actual data movement of the one of the identified data assets, responsive to applying one or more rules to the determined situation.