Sotero Introduces Ransomware Protection Technology
Unique behavior-based approach gives organizations the ability to proactively detect and quickly stop ransomware attacks
In advance of RSAC 2023, Sotero has announced the availability of Sotero Ransomware Protection, giving organizations the ability to proactively protect unstructured data from attack by using behavior-based detection.
Most currently available ransomware solutions use a signature-based approach that detects only currently known ransomware strains - a method that broadly protects against malware concerns but does not guarantee protection against zero-day attacks.
Sotero’s Ransomware Protection not only detects currently known ransomware, but also provides the ability to detect and protect data from zero-day attacks. Sotero’s patented advanced machine learning capabilities look at patterns or signatures of previously discovered threats at the disk level to identify new threats as they develop. Sotero uses a unique behavior-based approach to detect new strains of ransomware based on how they interact with files and data.
Endpoint detection is cumbersome, hard to manage and defenseless against data asset attacks and exfiltration. Rather than just protecting the endpoint, Sotero’s pattern-based recognition of ransomware attacks protects data while isolating an attack before it can spread. And because detecting malware attacks does not always mean protecting from exfiltration, Sotero’s solution encrypts data to prevent theft and extortion of sensitive data - a capability that is treated as distinct by other vendors in the space.
Sotero provides a comprehensive ransomware solution that includes:
- No impact on end-user experience
- Files stored in encrypted form on the backend file server
- Enforcement of role-based access control (RBAC) allowing only privileged users to view the encrypted file contents
- Real-time detection using machine learning models to immediately block a ransomware attack and notify stakeholders
- Immediate attack detection and isolation to keep ransomware from infecting the rest of the organization
- Comprehensive visibility into where ransomware originated, and users and files impacted, for immediate and targeted recovery
- Integration with existing SIEMs and enterprise DLAP systems
“Sotero’s Ransomware Protection offers organizations of all sizes - from mid-market to enterprise - one solution to not only protect data, but also to prevent threats and maintain compliance,” said Purandar Das, co-founder and CEO of Sotero. “While most currently available solutions offer only detection and alerting capabilities, we have developed a solution that offers real-time ransomware protection that can in just minutes both detect and stop unknown attacks. Data exfiltration is eliminated, data corruption is minimized or eliminated, and restoration is enabled within minutes.”