US 12,321,460 B2
Distributed secure content inspection in enterprise networks
Ryan Muzzo, Saint Charles, FL (US); David Patrick Harte, Camberley (GB); Tommy W. Jinks, Stanley, NC (US); David Scott Strubbe, Waxhaw, NC (US); and Les Varga, Tarzana, CA (US)
Assigned to Bank of America Corporation, Charlotte, NC (US)
Filed by Bank of America Corporation, Charlotte, NC (US)
Filed on Sep. 20, 2021, as Appl. No. 17/479,080.
Prior Publication US 2023/0087234 A1, Mar. 23, 2023
Int. Cl. G06F 21/57 (2013.01); G06F 21/56 (2013.01); G06F 21/60 (2013.01); G06F 21/74 (2013.01); G06F 21/85 (2013.01); H04L 12/46 (2006.01)
CPC G06F 21/577 (2013.01) [G06F 21/565 (2013.01); G06F 21/568 (2013.01); G06F 21/602 (2013.01); G06F 21/74 (2013.01); G06F 21/85 (2013.01); H04L 12/4633 (2013.01)]
18 Claims
1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
a memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
establish a connection with a secure external storage receiving device located remotely from the computing platform;
receive, from the secure external storage receiving device, an indication that an external storage device storing a plurality of files has been connected to a port of the secure external storage receiving device,
wherein receiving the indication causes the computing platform to generate commands causing the external storage receiving device to execute one or more functions, the one or more functions including replicating data associated with the external storage device, and encrypting the replicated data;
transmit the generated commands to the external storage receiving device;
receive, via an Internet Protocol (IP) secure (IPsec) tunnel provided via the established connection, the encrypted replicated data from the external storage device via the external storage receiving device;
decrypt the encrypted replicated data;
extract, from the decrypted replicated data, the plurality of files;
execute, on each file of the plurality of files, a scan to determine a cybersecurity status of each file;
determine, based on the scan, the cybersecurity status of each file;
transfer, to a first output folder of the computing platform, all files of the plurality of files having a first cybersecurity status;
transmit, to a user computing device associated with an enterprise organization, the files of the plurality of files having the first cybersecurity status for further processing including at least one of: identifying a source of a file, determining whether remediation of a file is available, identifying additional mitigation actions to execute, or identifying a type of malware; and
transfer, to a second output folder of the computing platform different from the first output folder, all files of the plurality of files having a second cybersecurity status.
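
The extract, scan and transfer steps of claim 1, sketched as an added example that is not taken from the patent or from the assignee's implementation. It assumes the replicated data has already been decrypted and is a tar archive, that the scan is a SHA-256 blocklist lookup, and that the "first" status means flagged for analyst review; the claim specifies none of these, and all names and sample data are constructed.

```python
import hashlib
import io
import tarfile
from pathlib import Path

# Assumption: "first" status = flagged for analyst review, "second" = everything else.
FIRST, SECOND = "first", "second"

# Constructed sample data; the second name mimics a path-traversal attempt.
SAMPLE_FILES = {"report.txt": b"quarterly numbers",
                "../../tool.bin": b"constructed-bad-sample"}
BLOCKLIST = {hashlib.sha256(b"constructed-bad-sample").hexdigest()}


def build_sample_replica() -> bytes:
    """Pack SAMPLE_FILES into an in-memory tar standing in for the decrypted replica."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, body in SAMPLE_FILES.items():
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()


def scan(data: bytes, blocklist: set) -> str:
    """Hypothetical scanner: SHA-256 lookup against a blocklist."""
    return FIRST if hashlib.sha256(data).hexdigest() in blocklist else SECOND


def extract_and_route(replica: bytes, out_root: Path, blocklist: set) -> dict:
    """Extract each regular file, scan it, and write it to the folder for its status."""
    folders = {FIRST: out_root / "output_first", SECOND: out_root / "output_second"}
    for folder in folders.values():
        folder.mkdir(parents=True, exist_ok=True)
    results = {}
    with tarfile.open(fileobj=io.BytesIO(replica), mode="r:") as tar:
        for index, member in enumerate(tar):
            if not member.isfile():
                continue  # never materialise links, devices or directories
            data = tar.extractfile(member).read()
            status = scan(data, blocklist)
            # Index prefix plus basename only: archive paths cannot leave the folder.
            safe_name = f"{index:04d}_{Path(member.name).name}"
            (folders[status] / safe_name).write_bytes(data)
            results[member.name] = status
    return results
```

Because the media is untrusted, the sketch reads member contents with `extractfile` and chooses its own file names rather than honouring paths stored in the archive.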