Aegisys combats Ransomware such as Petya / PetrWrap with advanced detection methods

Advanced Ransomware Detection with Aegisys

To detect threats like ransomware, Aegisys has partnered with Alienvault which unifies the power of asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, SIEM, and log management in one console, giving our clients complete security visibility of their on-premises Aegisys cloud infrastructure. We believe this unified approach is the most effective way to combat advanced threats like ransomware, and gives Aegisys all the threat context we need to detect, investigate, and respond to an emerging threat—all in a single pane of glass.

Indicators of Compromise were reported in the Open Threat Exchange (OTX) within an hour of the attack, and the IDS signatures were within Aegisys Security systems and was able to detect and alarm on the ransomware and its different methods.

Aegisys can also help you identify critical vulnerabilities as well as detect if your organization is under attack by this ransomware variant. In addition, I wanted to highlight:

  • The Aegisys Securities were updated in March 2017 to include new IDS signatures that detect ETERNALBLUE in our networks.
  • AlienVault ensures that our Hosted cloud clients are assured protection against that variant of Petya, and other malware and ransomware like it, through the continuously updated Threat Intelligence subscription that provides Aegisys customers the ability to detect both vulnerabilities (often in advance of the actual attack) as well as generate alarms when the threat is in-motion.

For more on Peyra Ransomware, please visit here for up to date information.