RansomCare from Bullwall is a Last Line of Defense that detects and stops active ransomware on file shares and servers by isolating any attacking users and devices. This automated containment solution is laser-focused to stop malicious encryption and file corruption on monitored file shares, securing critical data.

RansomCare does not depend on antiquated detection methods such as ransomware signatures, strains, patterns, or behavior. Instead, it rapidly detects the purpose of the ransomware – the actual encryption. It does so without any network overhead or performance degradation. It differentiates by monitoring file activity on file shares, application servers, and database servers.

RansomCare detection technology operates using event-based file detection, with a raft of high-performance detection sensors inspecting the heuristics – regardless of the file type or whether the file is renamed, modified, created, or deleted. Malicious encryption is detected in seconds, whether on-premise or in your cloud. RansomCare reacts by isolating compromised users or devices in seconds. It can shut down an offending machine, disable the user in the cloud or Active Directory, revoke SMB permissions, disable VPN sessions, and much more.

RansomCare by Bullwall

RansomCare is an automated containment solution that reacts in seconds when active ransomware illegally encrypts and corrupts files on monitored data storage. It’s engineered to:

MONITOR & DETECT

Bullwall monitors activity in real time

Monitors data activity on file shares
in real time

Instantly detects ongoing illegitimate encryption

Instantly detects ongoing illegitimate encryption

ISOLATE & QUARANTINE

Bullwall identifies and isolates the user and client initiating the encryption

Identifies and isolates the user and client initiating
the encryption

Deploys built-in scripts to isolate the affected user and stop the file encryption

Deploys built-in scripts to isolate the affected user and stop the file encryption

RECOVER & REPORT

Bullwall quickly identifies any encrypted files that can be restored from the backup

Quickly identifies any encrypted files that can be restored
from the backup

Automates any necessary incident reporting

Automates any necessary incident reporting

Watch RansomCare stop 3 live ransomware attacks in our demo

Free Ransomware Assessment

We test your infrastructure’s response to active ransomware behaviour, providing you with a clear view of your current security posture.

Follow Us