Ransomware has evolved into enterprise-grade malware that holds computers and data files hostage, locks down entire systems swiftly, and brings business to a halt for days to months on end. And criminals are innovating new unknown methods continuously to defeat traditional signature-based methods of detection. Now more than ever, the C-suite (CIO, CISO CFO and CEO) has a significant stake in securing data and intellectual capital to protect PII, revenue, maintain customer loyalty and secure shareholder value.

It’s critical that organisations don’t rely solely on a reactive response to modern malware threats. On a daily basis we hear reports on how this strategy has proven to fail. The future defence strategy needs to include business continuity and disaster recovery with a Last Line of Defence solution which enables automatic alerting, shutdown response and quick recovery without the vast costs often associated with ransomware attacks.

What does BullWall do?

RC is a new and innovative technology that from a central server installation (Agentless), detects ransomware attacks by looking into the heuristics of your actual data files from i.e. word, excel, pdf. etc., stored on your entire storage platform and in the cloud.

RC is an agentless solution and is NOT installed on endpoints or any of the existing servers or file servers. There is no impact on endpoints and no network performance issues. Agentless file behaviour monitoring, and machine learning techniques are deployed with ease in 4 to 6 hours, and RC is configured automatically. Full integration to other security solutions like Cisco ISE and Windows Defender ATP or SIEM system are available via RESTful API allowing your security teams to unify security management across an increasingly complex sea of endpoints.

How does BullWall work?

RC will detect and stop ransomware attacks, even when the malware has
bypassed all your existing endpoint protection and other prevention or behavioural security tools. It is a vital element of your overall defence strategy, providing critical security defence for a small portion of your available security budget.

RC provides a revolutionary Last Line of Defence against the threat from ransomware. With a rapidly expanding attack surface to defend and multiple entry points for malware into organisations today, RC delivers a 24/7 automated containment response to ransomware outbreaks with inbuilt GDPR reporting. It does not matter which user, or which device triggered the attack. Nor does it matter if it is a known or unknown ransomware attack, or
if the attack started on an endpoint, a mobile phone, an IOT device, via email, website drive-by-attack, instant messaging apps, USB key, download, or were deployed by someone inside your organisation.

When RC detects a ransomware attack, an alert is raised instantly and a response can be triggered to shutdown the endpoint under attack (Windows, Mac and Linux) so encryption stops instantly. RC also handles virtual environments like Citrix servers/sessions, Terminal servers/sessions, Hyper-V, VMware and the Cloud including Azure and Amazon AWS/EC2, Sharepoint, Google Drive and Office 365. RC disables and stops the device encrypting your data including mobile devices.