Active Defense for Ransomware Protection

Ransomware continues to plague business of all sizes and industries. Regular backups and standard preventive controls are clearly insufficient, as the attacks have become more sophisticated and have added data exfiltration and extortion threats.

AI-Driven Advanced Deception Technology

Acalvio ShadowPlex uses AI-Driven Advanced Deception Technology to deliver effective Active Defense to combat Ransomware. It includes three attributes that provide precise, rapid Ransomware detection and mitigation.

First, ShadowPlex provides detection at every phase of the Ransomware kill chain:

The pre-defined ShadowPlex Ransomware playbook determines the correct mix of decoys, breadcrumbs and baits to act as tripwires for each stage of the kill chain. Both known and unknown (zero-day) attacks are effectively detected with this approach.

Second, the solution uses the advantages inherent in ShadowPlex to create an operationally viable and credible defense:

Autonomous Deception

Automates the deployment and updates of deception artifacts

Deception Farm and Fluid Deception

Resource efficient, high scale pooling of deception assets

Agentless

Easy to deploy; low risk to production systems

Third, ShadowPlex integrates with EDR and SOAR solutions for automated mitigation:

Device Isolation

Stops lateral movement propagation

Process Termination

Stops encryption, backup deletion, and C&C communication

API Trigger

Custom mitigation and response

Ransomware protection

As Ransomware gets more and more sophisticated, Security teams need to consider more flexible strategies that are immune to defeat by these advances in attacker techniques and tactics. ShadowPlex was built from the ground up as a next-generation Active Defense platform for breach detection. Combining Ransomware-specific playbooks and kill-chain tripwires with broad mitigation options, ShadowPlex is a gamechanger.