Multiple file modifications in a short period of time and evidence of encryption are two telltale signs of ransomware. Using a few simple patterns, FileAudit Plus can detect these signs of ransomware early on and identify attacks right as they happen. Follow the steps below to configure FileAudit Plus' automated threat response mechanism to shut down any ransomware attack right at its inception.
Note: You can also execute your own scripts to perform actions tailored to your organization's needs.
You have now successfully configured FileAudit Plus to detect and respond to a scenario where more than 100 files events such as create, modify, and rename are detected within one minute. As per your organization's needs, you can use the filter option to include or exclude specific file types, users, actions, etc. for more selective monitoring.
Get FileAudit Plus easily installed, configured and
running within minutes.
We believe actions speak louder than words. Schedule
a free demo, and see for yourself