ENTERPRISE RECON

Discover sensitive cardholder data across your entire company.

Enterprise Recon identifies cardholder data by searching all the servers, workstations and other storage locations within your network.

Using Enterprise Recon’s centralized management console, your team can identify and isolate any cardholder data storage risks. Avoid becoming the next data compromise headline. Try Enterprise Recon for free today.

data loss prevention
Pricing Overview
  • 1 year enterprise license
  • 25 targets
  • 50 targets
  • 100 targets
  • 250 targets
  • 500 targets
  • 1000+ targets
Enterprise Features
Centralised PCI Compliance

It’s impossible to know what's inside every single file across your network. But Enterprise Recon identifies what cardholder data you’re storing without any guesswork or assumptions. Once you know where the risks are, you can begin to mitigate those risks and prevent problems from resurfacing later. This is a core fundamental of being PCI compliant, and one that your QSA will have added respect for your pro-active approach.

Centralised PCI Compliance
Network-wide Discovery
Network-wide Discovery

Even if you have hundreds or thousands of employees, workstations or other computing devices, Enterprise Recon makes PCI compliance easy. Search any number of systems within your network with just a few clicks.

The search results identify where credit card numbers are being stored, as well as any sensitive magnetic stripe (Track1/Track2) data.

Accurate and Powerful

Enterprise Recon searches everything – emails, databases, log files, documents and more across all systems within your organization. Enterprise Recon reads the contents of all major file formats, making it the most accurate solution for cardholder data discovery.

If unencrypted cardholder data is hiding within your organization, Enterprise Recon will find it.

Accurate and Powerful
Save Time
Save Time

Are you spending too much time maintaining PCI compliance?

Enterprise Recon simplifies and speeds up your work with automated, recurring scans at regular intervals all year round.

Consolidated Reporting

You can measure and track noncompliant cardholder data storage at the touch of a button using Enterprise Recon’s powerful reporting capabilities.

Reporting levels include each host, VLAN, group or department, or you can select a master report for the entire enterprise. Save reports in many formats, including email, PDF, CSV, XML and raw text.

Consolidated Reporting
Delegate and Remediate
Delegate and Remediate

Once you’ve identified your organization’s cardholder data storage risks, who will take ownership to fix the problem?

Enterprise Recon’s multi-user features grant access only to the areas of the organization each individual is responsible for. This empowers business units to accept responsibility and remediate the cardholder data risks that they inadvertently created in the first place.

Evidence for your QSA

Retain evidence of compliant cardholder data storage practices to share with your PCI QSA and sponsoring bank.

Enterprise Recon stores a complete history of reports for every scanned system, enabling comparisons of past and present compliance. This creates permanent evidence of your ongoing, compliant cardholder data storage practices, ready to be shared with your PCI QSA or sponsoring financial institution.

Evidence for your QSA
Safe for Production Systems
Safe for Production Systems

Why should you choose between accurate results and low resource usage? With Enterprise Recon, you don’t have to.

When running a search across a large production system, Enterprise Recon pursues accuracy and low resource usage over speed. This makes Enterprise Recon ideal for mission-critical systems and employees who must not be interrupted by resource-hogging searches. Enterprise Recon uses network resources so efficiently that it can be deployed remotely with low bandwidth.

Real-time Alerts

Real-time alerts provide immediate notification of instances of non-compliant cardholder data. Your QSA will be impressed your remediation response and your organization will be safer when threats are eliminated as quickly as possible.

Real-time Alerts
Next up: Accuracy
Low False Positives

Tired of getting thousands of false positives with an open source product? Enterprise Recon uses a built-in elimination algorithm to scrutinise every finding and deliver filtered results with low false positives.

Low False Positives
Created for Accuracy
Created for Accuracy

Our data discovery algorithm was built from the ground up specifically to identify sensitive data. Rest assured that you're running the most accurate search possible. Enterprise Recon analyses each possible finding hundreds of times at lightning speed to uncover genuine security risks.

Support for 7 Card Brands

Enterprise Recon comes with built-in support for detecting seven major card brands used in more than 200 countries. This includes the 5 major card brands that require PCI compliance.

Support for 7 Card Brands
Inspects All File Types
Inspects All File Types

Millions of files, terabytes of data? Most data discovery solutions skip up to 60% of files if they are not supported. But Enterprise Recon attempts to inspect every object, regardless of its file name or file type. Enterprise Recon handles hundreds of file formats, including office documents, text files, databases, emails, images and audio.

Identify Test Cards

PCI DSS requires the use of test card numbers in development and test environments. Enterprise Recon identifies more than 10,000 of the most common test cards used by payment processors and payment gateways, and excludes them from findings. And you can add your own test card numbers to the list.

Identify Test Cards
Support for >160 PAN Formats
Support for >160 PAN Formats

Whether you store card numbers with spaces, dashes, or no separators at all, Enterprise Recon will isolate and detect personal account numbers (PANs) with low false positives. Enterprise Recon recognises more than 160 combinations of PAN storage structures.

Next up: Platform Support
Windows

Microsoft-supported versions of 32-bit and 64-bit Windows systems, including Windows 2000, Windows XP, XP Embedded, Windows Vista, Windows 7, Windows 8 and Windows Server 2000/2003/2008/2012 on Intel x86 CPU architectures.

Windows
Mac OSX
Mac OSX

Mac OSX 10.5 (Leopard) onwards on both Intel x86 and PowerPC CPU architectures.

Linux

All modern distributions of Linux supporting Kernel 2.4 and 2.6, including Centos, Debian, Fedora, Redhat, Slackware, SUSE and Ubuntu on Intel x86 CPU architectures.

Linux
FreeBSD
FreeBSD

As a tip-on-the-hat to our bearded friends at FreeBSD, Enterprise Recon supports distributions of FreeBSD 6.x, 7.x, 8.x and 9.x on Intel x86 CPU architectures.

Solaris

All Oracle-supported versions of Solaris, including 9.x, 10.x and 11.x on SPARC and Intel x86 CPU architectures.

Solaris
HP-UX
HP-UX

HP-UX B11.11 for PA RISC and B.11.23 onward for Integrity (Intel Itanium) CPU architectures.

IBM AIX

AIX 5.3, 6.1, 7.1 on pSeries CPU architecture.

IBM AIX
EBCDIC for Mainframes
EBCDIC for Mainframes

Mid-range and Mainframe systems, with full support for IBM's Extended Binary Coded Decimal Interchange Code (EBCDIC) to read files copied from systems such as AS/400, S/390 and iSeries to be searched in their native form without modification.

Next up: File Formats
Text Files

Any text and mark-up language format, including TXT, RTF, HTML, XML, and more.

Text Files
Office Documents
Office Documents

Popular office applications within Microsoft Office 95 / 97 / 2000 / XP / 2003 / 2007 / 2010 / 2013, Star Office, Open Office, Libre Office and Neo Office. Card Recon also provides full support for Abode PDF documents.

Compressed Files

All the major and minor compression types in use today, including 7zip, Bzip2, Gzip, LZMA, LZMA2, Ar, LZW (.Z), .EXE Self Extracting Executables, Microsoft Tape Format, RAR, XZ, ZIP and all legacy codecs, including implode, deflate, deflate64, bz2, lzma and ppmd.

Compressed Files
Databases
Databases

All data within database files, including Microsoft Access, SQLite, DBase, and Microsoft SQL Server (MDF and LDF), as well as data stored as binary large objects (BLOBS); reports display the table and column name, if applicable.

Emails

Emails and their attachments stored in Microsoft Outlook PST, OST (2003 - 2010), Outlook Express, Lotus Notes NSF, Thunderbird, Eudora, Exim, Courier, Postfix, QMail, Maildir, Sendmail,DBX, MBox, and any standard MIME data formats.

Emails
Audio Files
Audio Files

Operate a call centre IVR that uses call recording?

Card Recon understands common audio file formats and will recognise cardholder data entered using a telephone keypad (DTMF tones) from pay-by-phone and IVR transactions which have been inadvertently recorded. Supported formats include WAV PCM 8/16bit mono/stereo.

Everything Else

Enterprise Recon searches all locations, regardless of file types—even if they aren’t listed above. If a file type is not recognized, Enterprise Recon performs generic binary decoding to filter out the raw data and attempt to identify any sensitive information stored within. When you read an Enterprise Recon, you’ll know that every possible data file has been searched..

Everything Else
Next up: Target Types
Local Storage

Enterprise Recon searches all local storage, including fixed drives, removable drives and accessible locations where a file can be stored.

Local Storage
Deleted Files
Deleted Files

Most organisations cleanse unwanted data by simply deleting it, but it can be recovered easily by commonly available tools. Are you storing cardholder data in deleted files? Enterprise Recon searches all the free space on a local system and identifies any sensitive data that remains. Then you can opt to remove it permanently.

Network Storage

Storing data on SAN or NAS devices? Enterprise Recon enables remote scanning of network drives and limits network impact by controlling the data transfer speed.

Network Storage
Live and Offline Databases
Live and Offline Databases

Enterprise Recon enables live searching of the most popular enterprise database servers, including Oracle, DB2, Microsoft SQL Server, SAP Sybase, MySQL and PostgreSQL.

Email Servers

Enterprise Recon searches Microsoft Exchange Information Stores and other email servers to identify cardholder data stored in user mailboxes, including attachments.

Email Servers
Memory
Memory

With the rise of memory scraping malware, your company needs the ability to audit the memory usage of applications for protection against data breaches. Enterprise Recon simplifies this process by enabling auditing of memory for any cardholder data across any supported end-point.

Next up: Reporting
Global Reporting

Want to quantify your total data storage risk across the entire organisation? Enterprise Recon delivers high-level management reports with summarised statistics for all sensitive data found throughout the organization. You can also view breakdowns by department or business unit as needed.

Global Reporting
Group Reporting
Group Reporting

Do you need to hold each business unit accountable for its data storage habits? Generate reports for each business unit to show exactly which systems and end-points contain sensitive information and to highlight high-risk areas.

End-point Reporting

View a detailed report of findings on each end-point, including every file, database, and email containing sensitive data.

End-point Reporting
Many Report Formats
Many Report Formats

Enterprise Recon reports can be viewed onscreen, shared via email, or prepared for offline viewing. Report formats include HTML, text, CSV and PDF.

Next up: Want More ?
User-friendly Interface

We know you don't want to waste time when managing PCI compliance, so we've designed Enterprise Recon for ease of use and speed. View reports and statistics almost immediately after logging in, and drill down to see exactly where findings are located across your network.

User-friendly Interface
Remote Viewing
Remote Viewing

Enterprise Recon allows you to view the contents of a file remotely without impacting your PCI compliance scope. Our remote file inspector enables you to view the contents of each file to show you exactly where the findings are—without any risk thanks to Enterprise Recon’s dynamic cardholder data masking capabilities.

Remediate Your Risk

Enterprise Recon lets you permanently erase any file containing cardholder data so that it cannot be recovered using undelete or forensic tools.

Remediate Your Risk
Active Directory Integration
Active Directory Integration

Enterprise Recon supports authentication via Active Directory for interoperability with your central PCI compliance controls, including password management and user permission groups. Large deployments benefit from automatic host group assignment using previously established Active Directory host groups. This feature is a true timesaver for large environments.

Advanced Permissions

Segregation of duties is easy in Enterprise Recon. Use different levels of access to enable team leaders and business managers to view only their own areas of the business.

Advanced Permissions
Syslog Integration
Syslog Integration

Enterprise Recon uses Syslog to integrate with your centralised log management system. This supports your PCI compliance requirements and ensures that system activities generated within Enterprise Recon are logged remotely.

Encrypted and Secure

Enterprise Recon doesn't store or transmit cardholder data—none at all. This means that Enterprise Recon can be deployed across your entire organisation without increasing your PCI compliance scope. Furthermore, all Enterprise Recon reports are disseminated and stored using AES128bit encryption to prevent eavesdropping and information leakage.

Encrypted and Secure