Protect against Ransomeware for %homepath% folder

Posted by HiMan
Digon

Protect against Ransomeware for %homepath% folder

Hi,

How do you protect against ransomeware?

Is it enough to add %homepath% to the places which has to be protected?

Did you experience any troubles?

Thank you

HM

1 Accepted Solution

Accepted Solutions
Highlighted
Posted by ITbrain Staff
ITbrain Staff
Solution

Re: Protect against Ransomeware for %homepath% folder

Hi @HiMan

Thank you for the post. 

Active Ransomware protection is a module which needs a bit of training, for it to be a valuable tool against unknown Ransomware. 

Protected folders are locked and monitored by our system and applications which are not trusted will be denied access. This will prevent Ransomware from encrypting valuable files.

I would recommend finding out the files which need to be protected on a system or on a few systems then, to see which paths are necessary to be added. 

Later edit: 

Environment variables and Wildecards are not supported yet in the first version of Active Ransomware protection. 

Exact folder paths are needed for the engine to know exactly what to protect.

After setting all folders I would see and monitor the blocked application list to see if any of my programs would be blocked and add them To the Trusted applications list. 

Ransomware protection is not that easy to integrate into a traditional signature-based detection, however, we tried to make it very versatile to fit many needs and to have properly good security and protection.

We will post soon a detailed article in the News section about ITbrain Anti-Malware Active Ransomware protection.  

Best regards,

Product Owner ITbrain
1 Reply
Highlighted
Posted by ITbrain Staff
ITbrain Staff
Solution

Re: Protect against Ransomeware for %homepath% folder

Hi @HiMan

Thank you for the post. 

Active Ransomware protection is a module which needs a bit of training, for it to be a valuable tool against unknown Ransomware. 

Protected folders are locked and monitored by our system and applications which are not trusted will be denied access. This will prevent Ransomware from encrypting valuable files.

I would recommend finding out the files which need to be protected on a system or on a few systems then, to see which paths are necessary to be added. 

Later edit: 

Environment variables and Wildecards are not supported yet in the first version of Active Ransomware protection. 

Exact folder paths are needed for the engine to know exactly what to protect.

After setting all folders I would see and monitor the blocked application list to see if any of my programs would be blocked and add them To the Trusted applications list. 

Ransomware protection is not that easy to integrate into a traditional signature-based detection, however, we tried to make it very versatile to fit many needs and to have properly good security and protection.

We will post soon a detailed article in the News section about ITbrain Anti-Malware Active Ransomware protection.  

Best regards,

Product Owner ITbrain