Palo Alto Networks announces a number of innovations to the Endpoint Protection Product Traps. These, among other things, help counteract ransomware by monitoring new techniques and monitoring ransomware behavior. As a result, the product can attack and prevent subsequent data encryption.
Ransomware attacks are becoming increasingly common and are becoming increasingly advanced. Companies are therefore busy with protecting themselves from falling apart from cybercriminals. According to Cybersecurity Ventures, ransomware companies will cost more than $ 5 billion in 2017. This is 15 times more than its total cost in 2015. “Ransomware attacks are becoming more and more advanced in the future. With the new features in version 4.1, Traps is better able to stop pre-attack and protect our way of living in the digital age, “said Lee Klarich, chief product officer of Palo Alto Networks.
Legacy antivirus products
To protect themselves against ransomware, companies often put in place multiple security point products and software vendors to protect their endpoints. Also, legacy antivirus products are often used. However, the security of these type of signature-based products is much slower than the ransomware attacks themselves. These attacks can spread in just a few minutes. By comparison, it may take hours or days for a customer to receive an update of a signature.
Traps effectively protects endpoints with a combination of multi-method prevention capabilities, consisting of anti-malware and anti-exploitation techniques. As a result, known and unknown attacks occur in a timely manner, as well as productivity loss due to inaccessible data.
The main innovations in Traps 4.1 are:
- Behavior-based ransomware protection adds a layer of malware prevention to existing features without using signatures or known samples. By monitoring the system for ransomware behavior, malware detection detects Traps directly and prevents the encryption of end-user data.
- Enhanced exploitation prevention protects against new exploitation techniques that are used to perform malicious payloads, as seen in the WannaCry and NotPetya attacks. Advanced attacks are already stopped in their exploitation phase.
- Local Analysis for MacOS provides additional security against unknown attacks for the growing MacOS user file.