Shields Up™
Data Defense

Ensure only authorized users and processes have access to protected files, safeguarding sensitive data from ransomware and theft.

Prevent Unauthorized Access

Policy-based protections for endpoints block ransomware and other advanced threats.

Stop Ransomware

Automated threat response reduces the blast radius and disruption of ransomware and lateral moving cyber threats.

Hide & Encrypt Data

Hidden encrypted vaults with secure SSDs make your endpoints the safest place to store sensitive data.

Stop Ransomware

The Data Defense risk-based multi-factor authentication ensures all protected files are shielded from ransomware and other threats. 

Ransomware simply can’t encrypt what it cannot access. Since Data Defense is centrally managed, admins can instantly initiate a lock on protected data when threats are detected on any system. 

The Blueshift SOC can remotely lock down all files during a security incident, without disrupting productivity.

Protect Folders,
File Types and Shared Files

Zero trust principles enforced at the data layer prevent data theft and exfiltration by unauthorized users, processes and malware. Folders and individual files can be designated for protection, requiring step-up authentication to access them.

Data Defense can apply these protections automatically by file type and/or location. For example, policies can be configured to protect all files with a .XLS extension or within the Documents folder.

Files remain encrypted, only accessible by trusted wherever they go.

How it Works

Cigent’s Data Defense software, fully-managed by Blueshift 24×7 Security Operations Center, is configured by policy in the management console to put all desired files into a risk-based threat-aware state. Policies can be set by file type (extension) and/or by location (folder). It protects files on the local PC, network file shares, and external media.

In normal operations, users work as they always do with no impact to their user experience. During Shields Up mode, users will be required to use multi-factor authentication to access protected files.

  • Always on – requires authentication to access protected files

  • Dynamic – requires authentication during a “Shields Up” condition

Zero Trust File Access

File access controls that only allow the trusted user to access individual files with MFA.

Secure File Sharing

Files remain encrypted, only accessible by trusted users wherever they go.

Invisible Data

Good signed applications are added via the publisher’s signature eliminating the need for whitelisting hashes for past and future applications.

Hacker-Proof Credentials

A novel approach to the creation and storage of credentials that make credential access impossible.

File Encryption

Files are protected on PCs, when synced to clouds, stored on NAS, or if users inadvertently share them with unintended parties.

Managed Data Protection

The Blueshift SOC can remotely lock down all files during a security incident, without disrupting productivity.


Cigent Data Defense Shields Up adds multi-factor authentication to ensure all protected files are shielded from access by cyber criminals and malware. There are multiple ways to activate Shields Up mode, including: 

  • Your security team can manually engage Shields Up from the Cigent Data Defense management console to a single PC, a group, or the entire organization

  • Shields Up mode can be automated by policy when AV is disabled (by an adversary or by the user) or if the AV database is out of date

  • A trigger when there is suspicious activity on ports such as 3389 (common for RDP) indicating a threat actor is attempting lateral movement
  • Your SOAR can be configured to automatically implement Shields Up based on defined triggers, such as a malware detection on an endpoint or a network intrusion

  • An alert from a Cigent Secure SSD self-encrypting drive (optional)

  • When AV/ EDR detects an attack (either locally on the PC or from the EDR management console)

  • By Integrations with SentinelOne, Cisco Secure Endpoint, VMware Carbon Black, Sophos, CyberArk, Dell Trusted Device SafeBIOS, PC Matic



Blueshift XDR offers optional configuration, management, and monitoring of Cigent® Data Defense for Windows and Self Defending Storage. These additional layers of data protection can be proactively utilized to protect sensitive data at all times from ransomware and data theft, even in the event of a cybersecurity incident.

  • Instant, posture-based locking of critical data, without impacting the user’s ability to continue working, or to access files. Files are either always protected with multi-factor authentication or protected on a risk-aware basis.

  • Protection of an organization’s IP from any threat, even when stored in the data center, the cloud, the endpoint, or external storage.

  • Seamless sharing of encrypted files within groups of authorized users using Zero Trust multi-factor authentication. 

  • A new level of granularity to Blueshift XDR response, including group file locking and centralized file locking in a heightened threat environment.

  • Employ FIPS-validated cryptography when used to protect the confidentiality of CUI. 


  • For added security, keeping data hidden and inaccessible from threat actors—even when the user is logged in—in hardware-encrypted safe rooms, supported by any Cigent Secure SSD™ or TCG Opal 2.0 self-encrypting drive.
  • Setting up file protection policies for your entire workforce, including personnel working from home.
  • Individual files can be protected at all times, or for added convenience, with risk-based authentication only during a security incident.  


Blueshift simplifies compliance initiatives and extends security visibility and management across an entire organization. It integrates with all existing devices, data and systems across the network. That includes cloud, IoT, endpoint, server, remote workers and more.

Adding Zero-Trust data protection to the Blueshift XDR platform means that files remain encrypted and only accessible by trusted users, wherever they go: endpoints, cloud, NAS, anywhere. Cigent’s integrated controls defend sensitive data from zero-day ransomware, advanced malware, fileless malware, living-off-the-land, zero-day, supply chain, firmware, unpatched software, and social engineering attacks.

Another Blueshift innovation has been to integrate zero-trust data protection with its XDR platform. Zero-trust data protection can force the protection of files during a security incident so that only authorized users with proper multi-factor authentication can access them. This helps reduce the risk that the data is exfiltrated or encrypted during an incident.