Endpoint and secure access solutions vendor Absolute Software has released a new offering to enable customers to prepare and accelerate their endpoint recovery in the face of ransomware attacks. The firm said Absolute Ransomware Response features several capabilities and benefits that will help organizations assess their ransomware preparedness and cyber resilience across endpoints. The launch comes as new research from cybersecurity leader Mandiant cites an increasing evolution in ransomware tactics, techniques, and procedures (TTPs).
Offering protects businesses against growing ransomware threats
In a press release, Absolute Software stated that Absolute Ransomware Response ensures mission-critical security applications, such as anti-malware and device management tools, remain healthy and capable of self-healing while expediting the quarantine and recovery of devices in the event of a ransomware attack. It has been developed to help protect businesses against the growing ransomware threat, which has surged since the accelerated adoption of a work-from-anywhere operations model, it added.
Indeed, Mandiant’s latest M-Trends report observed attackers using new TTPs to deploy ransomware rapidly and efficiently throughout business environments with the pervasive usage of virtualization infrastructure in corporate environments a prime target for ransomware attackers.
Commenting on the release, Absolute Software’s Executive Vice President of Product and Strategy John Herrema said, “Ransomware is more prevalent, more sophisticated, and more capable of disruption than ever and organizations need to plan for when, not if they are successfully attacked.” When a ransomware attack occurs, organizations are often forced to weigh the risks of cutting off all communication with an infected device, losing the ability to restore or recover it, or leaving the door open for re-infection, he continued.
451 Research Principal Analyst Eric Hanselman concurred, adding that, while organizations are very concerned about the time to recover from ransomware attacks, they often solely focus on prevention tools without planning for the worst-case scenario: falling victim to an attack. “By building a plan and improving the preparedness and simplifying the endpoint recovery process for their organizations, they can accelerate businesses’ ability to recover and resume operations,” he said.
Features include cyber resiliency, device security and recovery capabilities
Absolute Ransomware Response includes several features designed to improve key elements of ransomware preparation and response:
- Assessing strategic readiness across endpoints: Customers can review existing security controls deployed across their endpoints and identify key applications and device management tools required to minimize ransomware exposure and accelerate recovery efforts.
- Establishing cyber hygiene and resiliency baselines: Users can enable application resilience policies that monitor the critical controls identified during the assessment phase to mitigate the risk of a successful ransomware attack and ensure that tools may be restored if an attack renders them inoperable. This also includes training customer personnel on how to monitor application health and apply these baseline resilience policies to new enabled devices.
- Monitoring device security posture and sensitive data: Customers can report on hardware and software inventory across their endpoints and assess overall device security posture and scan for sensitive data to identify devices most at risk of extraction and enable proper backup via customers’ existing tools.
- Expediting device recovery and limit re-infection: Users can better communicate with end users if their devices are compromised, quarantine and freeze endpoints to limit further spread of infection and preserve evidence for litigation purposes, restore endpoint security and device management tools that have been rendered inoperable, and execute custom workflow and task automation commands to expedite device recovery. In addition, Absolute experts are available to remotely assist customers with endpoint recovery efforts.
Absolute Ransomware Response is available for purchase for new customers as part of the company’s Secure Endpoint product offerings, while the capabilities are available as add-on modules for existing Absolute Control and Resilience service-tier customers, the firm stated.