Data In-Use Protection Plugin for Arkime
Operate seamlessly on network data while keeping it protected.
Ensure that your enterprise data is secure from external and internal threats with Portal26 today. As the industry experiences its worst spate of cyberattacks ever, Portal26 offers breach, ransomware, extortion, and compromise free zones in the enterprise.
Akime Network Security
Arkime (formerly Moloch) is a large scale, open source, indexed packet capture and search tool. Arkime was created in 2012 and has experienced significant growth and adoption since its early days. The system is intended to augment current security infrastructure to store and index network traffic in standard PCAP format. Arkime is not meant to replace Intrusion Detection Systems (IDS), instead it provides more visibility.
To learn about Arkime please visit the Arkime website.
Arkime Data Protection with Portal26 Plug-In
- Converts designated fields into protected formats via Elastic plug-in prior to ingesting them into index
- Enables full-featured search and analytics on protected fields while retaining data-in-use protection
- Data can be released to Arkime front end in clear text or masked, based on configuration
- Supports six types of data protection: Entanglement (which supports search and analytics), Encryption, Format-preserving Encryption, Tokenization, Masking and Redaction
- Supports keywords, text, numbers, and IP Address field types
- Direct access to the host does not reveal clear text data for protected fields
“Portal26 greatly simplifies data protection for Arkime. Their protection stays in place at all times, even when protected data is being used inside Elasticsearch.”
Andy WickDIstinguished Engineer, Verizon Media Group