Discover and protect sensitive data across every single endpoint.

Enterprise Recon identifies 95 types of sensitive customer and employee information for PCI DSS, HIPAA, and more by searching all servers, workstations, email, databases, cloud and other storage locations used across your entire organisation.

Using Enterprise Recon’s centralized management console, your team can identify and isolate any data storage risks. Avoid becoming the next data compromise headline. Try Enterprise Recon for free today.

data loss prevention
Pricing Overview
  • 1 year enterprise license
  • 25 targets
  • 50 targets
  • 100 targets
  • 250 targets
  • 500 targets
  • 1000+ targets
Enterprise Features
Centralised PCI Compliance

It’s impossible to know what's inside every single file across your network. But Enterprise Recon identifies what sensitive data you’re storing without any guesswork or assumptions. Once you know where the risks are, you can begin to mitigate those risks and prevent problems from resurfacing later. This is a core fundamental of being secure and compliant, and one that your security auditor will have added respect for your pro-active approach.

Centralised PCI Compliance
Network-wide Discovery
Network-wide Discovery

Even if you have hundreds or thousands of employees, workstations or other computing devices, Enterprise Recon makes complying with security standards like PCI DSS easy. Search any number of systems within your network with just a few clicks.

The search results identify where sensitive data is being stored, and for PCI DSS we'll highlight separately where any prohibited magnetic stripe (Track1/Track2) data was found.

Accurate and Powerful

Enterprise Recon searches everything – emails, databases, log files, documents and more across all systems within your organization. Enterprise Recon reads the contents of all major file formats, making it the most accurate solution for security of sensitive customer and employee data.

If unencrypted sensitive data is hiding within your organization, Enterprise Recon can find it.

Accurate and Powerful
Save Time
Save Time

Are you spending too much time staying compliant with PCI DSS, HIPAA or other mandatory security requirements?

Enterprise Recon simplifies and speeds up your work with automated, recurring scans at regular intervals all year round.

Consolidated Reporting

You can measure and track insecure sensitive data storage at the touch of a button using Enterprise Recon’s powerful reporting capabilities.

Reporting levels include each host, VLAN, group or department, or you can select a master report for the entire enterprise. Save reports in many formats, including email, PDF, CSV, XML and raw text.

Consolidated Reporting
Delegate and Remediate
Delegate and Remediate

Once you’ve identified your organization’s data storage risks, who will take ownership to fix the problem?

Enterprise Recon’s multi-user features grant access only to the areas of the organization each individual is responsible for. This empowers business units to accept responsibility and remediate the data storage risks that they inadvertently created in the first place.

Evidence for your QSA

Retain evidence of compliant cardholder data storage practices to share with your PCI QSA and sponsoring bank.

Enterprise Recon stores a complete history of reports for every scanned system, enabling comparisons of past and present compliance. This creates permanent evidence of your ongoing, compliant cardholder data storage practices, ready to be shared with your PCI QSA or sponsoring financial institution.

Evidence for your QSA
Safe for Production Systems
Safe for Production Systems

Why should you choose between accurate results and low resource usage? With Enterprise Recon, you don’t have to.

When running a search across a large production system, Enterprise Recon pursues accuracy and low resource usage over speed. This makes Enterprise Recon ideal for mission-critical systems and employees who must not be interrupted by resource-hogging searches. Enterprise Recon uses network resources so efficiently that it can be deployed remotely with low bandwidth.

Real-time Alerts

Real-time alerts provide immediate notification of instances of non-compliant cardholder data. Your QSA and risk management team will be impressed your remediation response and your organization will be safer when threats are eliminated as quickly as possible.

Real-time Alerts
Device Discovery
Device Discovery

Not sure where all of your systems are? Enterprise Recon includes the ability to discover systems on your network that have not been searched, so you can ensure complete coverage across your entire estate.

Agentless Scanning

Don’t like installing agents on your end points? With Enterprise Recon’s dissolvable agent, you can deploy an Enterprise Recon search (via active directory or SSH) to any supported end point, without the need to install an agent first.

Agentless Scanning
Next up: PII Data Types
Credit and Debit Card Numbers

If your bank requires you to be PCI DSS compliant, Enterprise Recon can help. Enterprise Recon finds card numbers issued by ten major card brands, with additional support for test numbers, custom BIN ranges and Track1/2 magnetic stripe detection.

Enterprise Recon includes all the PCI compliance capabilities we offer in our Card Recon data discovery tool.

Credit and Debit Card Numbers
National ID Cards
National ID Cards

Are you storing your customers’ national identity number? Enterprise Recon can find more than 50 types of national IDs, including Social Security numbers (SSNs) and Tax File Numbers (TFNs) from most of Africa, Asia, Europe, Middle East, Oceania, North America and South America.

Patient Health Information (PHI)

Are you a healthcare provider complying with HIPAA and other medical industry compliance initiatives?

Enterprise Recon finds many types of PHI, including Medicare, national insurance and national provider identifier data types from multiple regions.

Patient Health Information (PHI)
Financial Data
Financial Data

If your business handles personal banking information or business customer information, Enterprise Recon can improve your data security compliance.

Enterprise Recon offers the ability to identify stored bank account numbers, SWIFT Codes, IBANS, BSBs, GST and VAT information.

Personal Information

If your business stores customers’ personal information, Enterprise Recon can improve your data privacy.

Enterprise Recon can accurately detect your customers’ name, address, phone number, date of birth, and other elements which, when used together, could be used to commit identity theft.

Custom Data
> 160 PAN Formats
Custom Data

Does your business store sensitive IDs and reference numbers that are specific to your business?

Enterprise Recon offers a unique feature enabling you to build custom definitions of sensitive data. You can also build definitions to find specific combinations of sensitive and personal data.

Next up: Accuracy
Low False Positives

Tired of getting thousands of false positives with an open source product? Enterprise Recon uses a built-in elimination algorithm to scrutinise every finding and deliver filtered results with low false positives.

Low False Positives
Created for Accuracy
Created for Accuracy

Our data discovery algorithm was built from the ground up specifically to identify sensitive data. Rest assured that you're running the most accurate search possible. Enterprise Recon analyses each possible finding hundreds of times at lightning speed to uncover genuine security risks.

Support for 7 Card Brands

Enterprise Recon comes with built-in support for detecting seven major card brands used in more than 200 countries. This includes the 5 major card brands that require PCI compliance.

Support for 7 Card Brands
Inspects All File Types
Inspects All File Types

Millions of files, terabytes of data? Most data discovery solutions skip up to 60% of files if they are not supported. But Enterprise Recon attempts to inspect every object, regardless of its file name or file type. Enterprise Recon handles hundreds of file formats, including office documents, text files, databases, emails, images and audio.

Identify Test Cards

PCI DSS requires the use of test card numbers in development and test environments. Enterprise Recon identifies more than 10,000 of the most common test cards used by payment processors and payment gateways, and excludes them from findings. And you can add your own test card numbers to the list.

Identify Test Cards
Support for >160 PAN Formats
Support for >160 PAN Formats

Whether you store card numbers with spaces, dashes, or no separators at all, Enterprise Recon will isolate and detect personal account numbers (PANs) with low false positives. Enterprise Recon recognises more than 160 combinations of PAN storage structures.

Next up: Platform Support
Windows

Microsoft-supported versions of 32-bit and 64-bit Windows systems, including Windows 2000, Windows XP, XP Embedded, Windows Vista, Windows 7, Windows 8 and Windows Server 2000/2003/2008/2012 on Intel x86 CPU architectures.

Windows
Mac OSX
Mac OSX

Mac OSX 10.5 (Leopard) onwards on both Intel x86 and PowerPC CPU architectures.

Linux

All modern distributions of Linux supporting Kernel 2.4 and 2.6, including Centos, Debian, Fedora, Redhat, Slackware, SUSE and Ubuntu on Intel x86 CPU architectures.

Linux
FreeBSD
FreeBSD

As a tip-on-the-hat to our bearded friends at FreeBSD, Enterprise Recon supports distributions of FreeBSD 6.x, 7.x, 8.x and 9.x on Intel x86 CPU architectures.

Solaris

All Oracle-supported versions of Solaris, including 9.x, 10.x and 11.x on SPARC and Intel x86 CPU architectures.

Solaris
HP-UX
HP-UX

HP-UX B11.11 for PA RISC and B.11.23 onward for Integrity (Intel Itanium) CPU architectures.

IBM AIX

AIX 5.3, 6.1, 7.1 on pSeries CPU architecture.

IBM AIX
EBCDIC for Mainframes
EBCDIC for Mainframes

Mid-range and Mainframe systems, with full support for IBM's Extended Binary Coded Decimal Interchange Code (EBCDIC) to read files copied from systems such as AS/400, S/390 and iSeries to be searched in their native form without modification.

Please Note: Some features are not available on all supported operating systems.

Next up: File Formats
Text Files

Any text and mark-up language format, including TXT, RTF, HTML, XML, and more.

Text Files
Office Documents
Office Documents

Popular office applications within Microsoft Office 95 / 97 / 2000 / XP / 2003 / 2007 / 2010 / 2013, Star Office, Open Office, Libre Office and Neo Office. Card Recon also provides full support for Abode PDF documents.

Compressed Files

All the major and minor compression types in use today, including 7zip, Bzip2, Gzip, LZMA, LZMA2, Ar, LZW (.Z), .EXE Self Extracting Executables, Microsoft Tape Format, RAR, XZ, ZIP and all legacy codecs, including implode, deflate, deflate64, bz2, lzma and ppmd.

Compressed Files
Databases
Databases

All data within database files, including Microsoft Access, SQLite, DBase, and Microsoft SQL Server (MDF and LDF), as well as data stored as binary large objects (BLOBS); reports display the table and column name, if applicable.

Emails

Emails and their attachments stored in Microsoft Outlook PST, OST (2003 - 2010), Outlook Express, Lotus Notes NSF, Thunderbird, Eudora, Exim, Courier, Postfix, QMail, Maildir, Sendmail,DBX, MBox, and any standard MIME data formats.

Emails
Audio Files
Audio Files

Enterprise Recon understands common audio file formats, and will recognise cardholder data entered using a telephone keypad (DTMF tones) from pay-by-phone and IVR transactions which have been inadvertently recorded. Supported formats include WAV PCM 8/16bit mono/stereo, and MP3.

In addition, supported audio files with recorded English conversations containing credit card numbers are detected by the software.

Image Files

Scanned documents or other image-based files on your systems may contain sensitive data that cannot be detected by orthodox text-based scanning methods, but could easily be picked up by cyber criminals.

Using Optical Character Recognition (OCR), Enterprise Recon scans image files like JPGs and PNGs to provide even more depth and accuracy to your searches.

Everything Else
Everything Else
Everything Else

Enterprise Recon searches all locations, regardless of file types—even if they aren’t listed above. If a file type is not recognized, Enterprise Recon performs generic binary decoding to filter out the raw data and attempt to identify any sensitive information stored within. When you read an Enterprise Recon, you’ll know that every possible data file has been searched.

Next up: Target Types
Local Storage

Enterprise Recon searches all local storage, including fixed drives, removable drives and accessible locations where a file can be stored.

Local Storage
Deleted Files
Deleted Files

Most organisations cleanse unwanted data by simply deleting it, but it can be recovered easily by commonly available tools. Are you storing cardholder data in deleted files? Enterprise Recon searches all the free space on a local system and identifies any sensitive data that remains. Then you can opt to remove it permanently.

Network Storage

Storing data on SAN or NAS devices? Enterprise Recon enables remote scanning of network drives and limits network impact by controlling the data transfer speed.

Network Storage
Live and Offline Databases
Live and Offline Databases

Enterprise Recon enables live searching of the most popular enterprise database servers, including Oracle, DB2, Microsoft SQL Server, SAP Sybase, MySQL and PostgreSQL.

Email Servers

Enterprise Recon searches Microsoft Exchange Information Stores and other email servers to identify cardholder data stored in user mailboxes, including attachments.

Email Servers
Memory
Memory

With the rise of memory scraping malware, your company needs the ability to audit the memory usage of applications for protection against data breaches. Enterprise Recon simplifies this process by enabling auditing of memory for any sensitive data across any supported end-point.

Cloud Storage

The average organisation stores 33% of its data using cloud resources, making it a key location to be scanned and safeguarded.

Scan and secure Amazon AWS and Google Apps cloud storage locations to keep your hosted data safe.

The Cloud
Next up: Reporting
Global Reporting

Want to quantify your total data storage risk across the entire organisation? Enterprise Recon delivers high-level management reports with summarised statistics for all sensitive data found throughout the organization. You can also view breakdowns by department or business unit as needed.

Global Reporting
Group Reporting
Group Reporting

Do you need to hold each business unit accountable for its data storage habits? Generate reports for each business unit to show exactly which systems and end-points contain sensitive information and to highlight high-risk areas.

End-point Reporting

View a detailed report of findings on each end-point, including every file, database, and email containing sensitive data.

End-point Reporting
Many Report Formats
Many Report Formats

Enterprise Recon reports can be viewed onscreen, shared via email, or prepared for offline viewing. Report formats include HTML, text, CSV and PDF.

Next up: Remediation
Secure Delete

Don't need to retain any of the data? Enterprise Recon’s Secure Delete feature can be used on accessible stored files to permanently erase any trace of the data, rendering it completely unrecoverable by undelete and forensic tools.

Secure Delete
Secure Quarantine
Secure Quarantine

Want to keep the data, but need to store it more securely? Secure Quarantine lets you move accessible files to a secure location while permanently erasing it from the location where it was found.

Mask Sensitive Data

Want to sanitise sensitive data, but keep all the surrounding data? The Sensitive Data Masking feature enables redaction of each instance of something sensitive within text based log files, configuration files and other simple files types stored on disk. For example, 1234000000005678 becomes 123400xxxxxx5678, thus rendering a non-compliant PAN as PCI DSS compliant.

Mask Cardholder Data
Encryption
Encrypt

Do you have a business-justified reason to be storing sensitive data, yet can’t afford to let it fall into the wrong hands? Secure sensitive yet important data via AES 128bit encryption, locking the files down with a password only relevant parties will know.

Please note: Not all file formats or target types allow remediation actions to be performed.

Next up: Want More ?
User-friendly Interface

We know you don't want to waste time when managing your data security, so we've designed Enterprise Recon for ease of use and speed.

User-friendly Interface
Remote Viewing
Remote Viewing

Enterprise Recon allows you to view the contents of a file remotely without impacting your PCI compliance scope. Our remote file inspector enables you to view the contents of each file to show you exactly where the findings are—without any risk thanks to Enterprise Recon’s dynamic cardholder data masking capabilities.

Remediate Your Risk

Enterprise Recon lets you permanently erase any file containing cardholder data so that it cannot be recovered using undelete or forensic tools.

Remediate Your Risk
Active Directory Integration
Active Directory Integration

Enterprise Recon supports authentication via Active Directory for interoperability with your central security controls, including password management and user permission groups. Large deployments benefit from automatic host group assignment using previously established Active Directory host groups. This feature is a true timesaver for large environments.

Advanced Permissions

Segregation of duties is easy in Enterprise Recon. Use different levels of access to enable team leaders and business managers to view only their own areas of the business.

Advanced Permissions
Syslog Integration
SIEM Integration

Enterprise Recon uses syslog to integrate with your Security Information and Event Management system. This supports all your security compliance requirements that ensures all your actions and activities in ER are centrally logged.

Encrypted and Secure

Enterprise Recon doesn't store or transmit sensitive data—none at all. This means that Enterprise Recon can be deployed across your entire organisation without increasing your data security compliance scope. Furthermore, all Enterprise Recon reports are disseminated and stored using AES128bit encryption to prevent eavesdropping and information leakage.

Encrypted and Secure