Abstract: Cybersecurity active defense and rapid bulk recovery in data storage systems are disclosed herein. An example system includes a file system, and an architecture installed on the file system, the architecture being configured to protect the file system in a zero trust manner from a malicious attack by a source system, the architecture including a controller that is configured to determine file-level operations of files in the file system that are indicative of a malicious event, block a user account or machine address interacting with the files, prevent data exfiltration or data corruption of the files, provide an alert regarding the files, identify the files that were associated with the malicious event, generate recommendations regarding the files based on datapoints and the file-level operations on the files, present a graphical user interface that displays the recommendations, and remove and restore the one or more of the files as requested.

Abstract: Cybersecurity active defense in data storage systems are disclosed herein. An example system includes a file system, and an architecture installed on the file system, the architecture being configured to protect the file system in a zero trust manner from a malicious attack by a source system, the architecture including a controller that is configured to determine file-level operations of files in the file system that are indicative of a malicious event, block a user account or machine address interacting with the files, prevent data exfiltration or data corruption of the files, and provide an alert to an administrator regarding the files.

Abstract: Methods and systems for trust evaluation of network activities are provided. An example method commences with receiving, from a user, a request to access at least one file on a network. The method further includes authenticating the user using a multi-factor authentication method. The method continues with selectively granting the user a credentialed access to the at least one file based on the authentication. The method further includes analyzing, based on a security policy, at least one activity of the user. The security policy includes at least one trigger event and at least one mitigating action. The method further includes triggering re-authentication of the user in response to determining, based on the analysis, that the at least one trigger event has occurred. The method then continues with selectively performing the at least one mitigation action based on results of the re-authentication.

Abstract: A method of and system for virtual air-gapping of data in a network storage system. The method comprises creating a staging zone around a set of data within a global zone. The global zone is accessible over a network utilizing a network file system. The set of data is indexed generating a manifest containing metadata and a hash for each file within the set of data. The set of data and manifest is reallocated creating vaulted data. Access to the vaulted data is provided through an Application Programing Interface (API) configured to limit access to specified users and permissions which can exclude superusers. The API can be used to verify the vaulted data through recomputing the index manifest and hashes.

Abstract: Cybersecurity active defense in data storage systems are disclosed herein. An example system includes a file system, and an architecture installed on the file system, the architecture being configured to protect the file system in a zero trust manner from a malicious attack by a source system, the architecture including a controller that is configured to determine file-level operations of files in the file system that are indicative of a malicious event, block a user account or machine address interacting with the files, prevent data exfiltration or data corruption of the files, and provide an alert to an administrator regarding the files.

Abstract: The disclosure provides methods and systems for transparent data movement between a private cloud storage ecosystem and another storage system. The other storage system may be local storage or external storage separate and apart from the private cloud storage ecosystem. Originally, metadata and the data contents of a file are both stored on local storage in the private cloud storage ecosystem. The method separates the metadata from the data contents of a file such that the metadata and data contents are independently operable. After separation and based on policy, the data content is transparently moved between the private cloud storage system and the other storage system. The data is managed and tracked such that a user, e.g., a client or external program/entity, may access the data content using the original metadata stored on the private cloud storage ecosystem, despite the movement of the data contents to the other storage system.