BULLWALL

Bullwall is dedicated to fighting cybercrime especially in the form of ransomware

Meet Bullwall

RansomCare – Your last line of defence against ransomware attacks

In a scenario where a ransomware has already bypassed your existing security solutions, it is now effectively “whitelisted” to attack your business, causing as much disruption as possible by encrypting as many of your files as it can in the shortest possible time.

Why is RC different? RC is a new and innovative technology that, from a central server installation (agentless), detects ransomware attacks by looking into the heuristics of your actual data files from i.e., Word, Excel, PDF. etc., stored on your entire storage platform and in the cloud.

RC will detect and stop ransomware attacks even when the malware has bypassed all your existing security tools. It provides critical security defence for a small portion of your available security budget.

It’s critical that organizations don’t rely solely on a reactive response. On a daily basis, we hear reports on how this strategy has proven to fail. The future defence strategy needs to include disaster recovery with a Last Line of Defence solution.

RC provides a revolutionary Last Line of Defence against the threat from ransomware and delivers a 24/7 automated response. It does not matter which user, or which device triggered the attack. Nor does it matter if it is a known or unknown ransomware attack, or if the attack started on an endpoint, a mobile phone, an IOT device, by email, website drive-by-attack, USB key, or were deployed by someone inside your organization.

An alert is raised immeadiately and a response can be generated to shutdown the endpoint under attack (Windows, Mac and Linux), so encryption stops instantly. RC also handles virtual environments such as Citrix servers/sessions, Terminal servers/sessions, Hyper-V, VMware and the cloud, including Azure and Amazon AWS/EC2, Sharepoint, Google Drive and Office 365. RC disables and stops the device encrypting your data, including mobile devices.

RC is not installed on endpoints or any of the existing servers or file servers. There is no impact on network performance issues. Agentless file behaviour monitoring, and Machine Learning techniques are deployed with ease in 4 hours with automatic configuration. Full integration to other security solutions such as MS ATP, Cisco ISE and SIEM systems via RESTful API, allows your security teams to unify management across all endpoints.

Meet Bullwalls RansomCare

New strains of ransomware can disable endpoint protection, AV, firewalls, and even backup solutions before encryption starts. What do you do if your perimeter and endpoint protection is breached? RansomCare’s focus to protect your data storages; not your endpoints. You already have protection in place on your computers and endpoints, but what do you have to stop ongoing illegitimate encryption on file shares? Let’s see RansomCare at work

We make sure that your organization, reputation and bottom line stay secure when all your other security solutions fail. Stop ransomware before it stops you!

Instantly detect an ongoing ransomware outbreak

Immediately detect and identify the user and client which initiated the encryption and block any further encryption
Stop the ransomware in its tracks by using our built-in scripts (Shutdown device, disable user in Active Directory, terminate a Citrix session or disable network devices)
Quickly identify the user and the files that have been encrypted for an easy restore from backup
Automate your GDPR reporting
No network or performance overhead