Netkiller ISMS 4.1.0 Release Blog

Netkiller ISMS 4.1 Release: Enhanced Security Features for Comprehensive Data Protections

We are pleased to announce the release of Netkiller ISMS version 4.1! This upgrade has added and enhanced various features to strengthen information security management and improve user convenience.

A key feature of Netkiller ISMS 4.1 is the option to scan the metadata of all files within the domain, shared drives, and files shared from external sources, including their sharing status, permissions, and link sharing status. This feature represents a significant improvement in speed, over 100 times faster than previous file content audits. It enables users to verify permissions for all files and ensure that access to sensitive information is granted only to authorized users.

Additionally, the design has been improved to provide progress details of full scans, and a feature to download large-scale full scan results has been added to enhance security monitoring.

To understand data sharing status and protect data containing sensitive information, predefined DLP information types (such as IP addresses, MAC addresses, Korean/American passport numbers, etc.), real-time display of external sharing and public status of drive files, and Netkiller ISMS DLP’s GWS log triggers have been introduced.

The Netkiller ISMS 4.1 version includes various enhancements, such as improved drive log and data retrieval speeds, better OCR recognition and processing, and an improved responsive UI for tablets and mobile devices.

New Features

  • High-speed Drive Full Scan option:
    • An option has been added to perform a full scan focusing on metadata such as sharing information, excluding the contents of the files. This allows for more than 100 times faster scanning while monitoring important security aspects.
  • Shared Drive Permissions scan:
    • ISMS 4.1 has been upgraded with the capability to scan permissions for all shared drives within the domain. This feature allows for the verification of permissions for each shared drive, ensuring that access to sensitive information is granted only to authorized users.


  • Full Scan
    • Full Scan Download function: Improvements have been made to allow for the downloading of large-scale full scan results, making it easier to analyze data and take necessary actions.
    • Full Scan Progress Visibility: The progress of the full scan is displayed in percentage in a progress bar, providing a clear representation of the scan’s completion status.

  • Drive Activity logs search, retrieval speed and event details divisions
    • Improved speed of Drive Activity search and retrieval
    • The labeling of drive activities has been improved. Previously, events were simply marked as “Shared,” but now they are more specifically categorized as “Shared externally” or “Shared publicly,” providing clearer insights into data sharing practices.

  • OCR
    • Improved Image Processing: The processing of images with white backgrounds and clear fonts/texts has been improved, leading to higher OCR accuracy.
    • Detection of Text alongside Objects: For images that contain text along with other objects, this feature detects the text and improves accuracy.
    • Handwritten Text Recognition: Simple fonts and clear handwritten texts can now be recognized through OCR.
    • Automatic Image Alignment: If an image is not properly aligned, it automatically rotates to the correct orientation to execute OCR.

  • Netkiller ISMS DLP 
    • GWS Drive Audit Log Triggers: Netkiller ISMS DLP now detects not only drive activities through Netkiller ISMS but also GWS drive audit log areas, offering audit trigger operations for all file activities in Netkiller ISMS/GWS, thus providing an additional layer of security monitoring.
    • Predefined DLP Policy Types: New predefined Data Loss Prevention (DLP) information types such as IP addresses, MAC addresses, Korean passport numbers, U.S. passport numbers, and U.S. SSNs have been added. This expansion helps in better identifying and protecting sensitive information.

  • UI / UX 
    • The UI has been improved for tablets and mobile devices to be more responsive.


  • Drive Activity Log: 
    • The detection of drive activities for externally owned files has been enhanced.
  • Netkiller ISMS DLP 
    • Issues with DLP visibility, DLP trigger operations, and reactivation of revision archiving have been resolved.
  • Miscellaneous Fixes
    • Various improvements have been made to enhance the overall functionality and performance of Netkiller ISMS.

Example Impacts of Updating to Netkiller ISMS 4.1

Example of the Effectiveness of the Shared Drive Permission Scan Feature:

A marketing team member accidentally granted write permissions to a shared drive folder containing important customer information to all company employees.

With the shared drive permission scan feature of Netkiller ISMS 4.1, administrators can quickly identify and correct this permission setting error, preventing the risk of sensitive customer information leakage in advance.

Example of the Effectiveness of the Ultra-Fast File Metadata Scan Feature:

An employee who is planning to resign attempts to mass-copy thousands of files, including the company’s trade secrets, to a personal USB drive.

With the ultra-fast file metadata scan feature, the system quickly identifies the potential for this data breach and detects the user’s mass copying attempt, preventing the leakage of important information and protecting the company’s competitive edge.

Example of the Effectiveness of Enhanced Drive Activity Log Events:

If an employee accidentally shares an important file externally, previously it was simply marked as “Shared,” making it difficult to accurately determine whether it was shared inside or outside the domain.

With the improved feature, it’s now labeled more specifically, such as “Shared externally,” allowing administrators to quickly identify the issue and take necessary actions. This enhancement effectively manages inappropriate data sharing and reduces security risks.

Example of the Effectiveness of the Strengthened OCR Feature:

An employee in the accounting department scans a receipt image containing a customer’s name, address, and credit card information.

With the enhanced OCR capability, the system accurately recognizes text within the image and automatically extracts sensitive information, allowing it to be processed in accordance with DLP policies. This strengthens the protection of personal information and ensures compliance with regulations.

Example of the Effectiveness of Expanded DLP Information Types:

An employee in the development team accidentally uploads a GitHub repository file containing the company’s source code to Google Drive and sets it to public.

With the expanded DLP information types, the system can identify data such as source code and block public sharing or send a warning message. This protects the company’s intellectual property and helps it maintain its competitive edge.

Example of the Effectiveness of Expanded Trigger Operation Policies:

A hacker attempts to delete important files stored on Google Drive after hijacking a user account.

Netkiller ISMS supports trigger policies including GWS Drive Audit logs. It detects suspicious activities within the GWS Drive and immediately alerts the administrators. This prevents data loss and minimizes damage through prompt response.

In Closing:

The upgrade to Netkiller ISMS 4.1 significantly strengthens the data security of Google Drive. It effectively enhances corporate information security by proactively preventing and blocking the risk of data breaches in various situations!

If you have any questions or concerns, please send an email to


The Netkiller ISMS Team