Ransomware Prevention

Halcyon offers a leading solution for protection against Ransomware and other forms of advanced malware. The Halcyon platform is specifically designed to detect, stop, and recover from modern attacks - even when other security layers fall short.

Combining behavioral analysis, artificial intelligence, and automated remediation, Halcyon provides proactive defense against threats that traditional AV and EDR solutions often miss.
Halcyon eliminates the business impact of Ransomware. Modern enterprises rely on Halcyon to prevent Ransomware attacks, eradicating cybercriminals’ ability to encrypt systems, steal data, and extort companies. Halcyon has he following characteristics

• Always included; 24/7/365 expert threat monitoring and recovery
• Pre-execution prevention
• Ransomware behavior detection
• Encryption key material interception
• Data exfiltration detection
• Low system resource consumption
• Simple deployment with no reboots required

The Halcyon advantage

Contextually aware
Halcyon weights trust based on a combination of attributes and behaviors to determine good, bad, or suspicious activity. Halcyon then carries that intelligence through multiple inspection layers to formulate a highfidelity detection based on correlating numerous telemetry sources. This allows Halcyon to determine more quickly if an event is potentially malicious, so evasion is much more difficult for the attacker

Continuous pre-execution improvement
Halcyon delivers an autonomous solution that continuously corrects itself against a false negative result in minutes. Halcyon considers failing to block Ransomware at the pre-execution layer a miss. When a threat is caught at any subsequent layer of protection, Halcyon automatically informs and updates the pre-execution layer so the variant cannot evade that first layer of security again.

Preventing major failures
Halcyon has built resilience into the anti-Ransomware platform with an architecture designed specifically to combat Ransomware. By focusing solely on this threat, the platform can eliminate the business impact of an attack, in most cases.

Key use cases

Detecting and Preventing Ransomware
The Halcyon Platform fills the current Ransomware protection gap, protecting against known and novel variants before, during, and after attacks.

Improving Security Stack Efficacy
The Halcyon protective kernel architecture protects endpoint security tools from being blinded, unhooked, or uninstalled by Ransomware and amplifying destructive behaviors to bolster their detections via the Sidekick Protection feature. In addition, Halcyon’s Kernel Guard Protection detects when an attacker attempts to disable an installed security control using a known vulnerable driver and disrupts their action.

Endpoint Resilience
Halcyon eliminates the business impact of Ransomware attacks by delivering automated recovery in minutes or hours instead of days and weeks. Halcyon captures encryption key material generated during a Ransomware attack, enabling the recovery of encrypted data without having to pay ransom.

Key differentiators

Attacker-Driven Development
The Halcyon Platform was designed around the attacker mindset because exploitation experts built it. The platform’s layered control fabric delivers resilience because the platform was built with failure in mind. The platform was built with business impact in mind and substantially reduces - and in most cases eliminates - business impact entirely. Speed and context are everything, and the Halcyon Platform provides exceptionally high efficiency as Ransomware is eliminated by multiple detection engines that maintain deep contextual correlations from each preceding layer.

Truly Intelligent Security
Halcyon’s adaptive logic allows for swift retooling or the addition of new tooling in real time to prevent new bypass techniques with no impact to product stability. As the Halcyon solution detects Ransomware after pre-execution, it sends intelligence back to the pre-execution layer to detect and block that variant in the future.

AI/ML-micromodels
AI/ML micro-models interrogate smaller subsets of data with extremely high fidelity and intercommunicate using the client environment as a distributed brain. These models are incredibly flexible and can adapt rapidly to baseline changes in the environment compared to the “slow to change” nature of convolutional neural networks and deep learning brains used by many traditional endpoint security controls.

If you'd like to learn more about Halcyon solutions and services and how they can best be applied to your specific situation, please contact one of our specialists.