Palo Alto Networks announced enhancements to its Traps advanced endpoint protection offering that strengthen current ransomware prevention by monitoring for new techniques and ransomware behaviour and, upon detection, prevent the attack and resulting encryption of data.
As ransomware attacks continue to escalate in both sophistication and frequency, organizations are working quickly to protect themselves from falling victim to the next attack. According to Cybersecurity Ventures, ransomware will cost organizations more than $5 billion in 2017 – more than 15 times the cost of damages absorbed in 2015.
To protect themselves from the evolving threat of ransomware, most organizations deploy multiple security point-products and software agents on their endpoint systems, including one or more legacy antivirus products. The protections provided by these signature-based products continue to lag behind the speed of ransomware attacks, which can impact and spread throughout organizations in a matter of minutes compared to the hours or days it could take a customer to receive a signature update.
When combined with its existing ransomware prevention and other multi-method prevention capabilities, Traps offers effective ransomware protection and helps organizations avoid the business productivity losses associated with inaccessible data. Traps effectively secures endpoints with its unique multi-method prevention capabilities by combining multiple defensive techniques, preventing known and unknown attacks before they can compromise endpoints.
Key advancements introduced in Traps version 4.1 include:
Behavior-based ransomware protection adds a layer of malware prevention to pre-existing capabilities without reliance on signatures or known samples. By monitoring the system for ransomware behaviour, upon detection, Traps immediately blocks the attack and prevents encryption of end-user data.
Enhanced kernel exploit prevention protects against new exploit techniques used to inject and execute malicious payloads, like those seen in the recent WannaCry and NotPetya attacks, by stopping advanced attacks from initiating the exploitation phase.
Local analysis for macOS provides added protection against unknown attacks for a growing macOS® user base.