Ransomware attacks are still the most widespread cyberattacks targeting corporate data. That’s why, in addition to the Multi-Layer Zero-Trust implementation in Nucleon Smart Endpoint EDR, we are now releasing new post-exploitation features. In this article we will demonstrate our rollback and remediation features against Hakbit ransomware. The goal is to reduce the [...]
Nucleon Smart Endpoint takes a different approach to EPP than most of its competitors. Rather than putting the emphasis on runtime behavioral and memory analysis, as most current-generation EPP products do, Nucleon utilizes its multi-layer Zero-Trust architecture for authorizing process-level execution on the endpoint. The use of ML is essential in the EPDR product space. Here too, Nucleon deploys its proprietary ML in a novel way. Nucleon employs ML to “absorb” normal user activities to develop a baseline of activities on which to base endpoint-specific rules that prevent malware execution. Additionally, Nucleon offers LOLBAS-informed hardening and detection as well as vulnerability enumeration.
Nucleon’s EDR covers the expected range of capabilities for aiding investigations, including IoC detection, CTI enrichment, and automated evidence collection. Nucleon offers a good range of remediation actions, from quarantining files to process termination to full system restore for affected machines.