Morphisec’s Enhanced Anti-Ransomware Blocks Evasive Attacks
▼ Summary
– Morphisec has expanded its Anti-Ransomware Assurance Suite with new capabilities, including Network Share Ransomware Protection, Identity Risk Visibility, and enhanced EDR Tampering Protection.
– The new Network Share Protection prevents ransomware from encrypting shared network drives on Windows and Linux, blocking attacks from compromised endpoints to limit disruption.
– The Identity Risk Visibility feature proactively identifies and helps eliminate identity-based vulnerabilities, such as accounts with excessive privileges, which are a leading initial access point for ransomware.
– Enhanced EDR Tamper Protection safeguards Event Tracing for Windows (ETW) from evasion techniques, ensuring Endpoint Detection and Response systems maintain continuous visibility and effectiveness.
– These capabilities are part of Morphisec’s prevention-first platform, which uses Automated Moving Target Defense and deterministic attack disruption to eliminate threats before they execute.
Morphisec has significantly upgraded its Anti-Ransomware Assurance Suite with new features designed to counter sophisticated cyber threats. The latest enhancements introduce Network Share Ransomware Protection for Windows and Linux, Identity Risk Visibility, and improved EDR Tampering Protection. These additions directly address critical vulnerabilities that modern attackers exploit, focusing on shared data, compromised credentials, and the evasion of security monitoring tools. This expansion reinforces a prevention-first security model aimed at stopping attacks before they can execute and cause damage.
The updated suite targets three primary security gaps that often lead to severe breaches. By extending coverage to these areas, Morphisec provides security teams with tools to eliminate risks proactively without introducing operational complexity.
Network Share Ransomware Protection now safeguards shared network drives, which are frequent targets due to the widespread disruption their encryption causes. This capability blocks encryption attempts originating from compromised endpoints, preventing ransomware from spreading to critical business files. The technology uses coordinated intelligence, where decoys protect shared resources while agents block malicious activity in real time at its source. This approach contains outbreaks, limits data loss, and maintains business continuity by protecting the collaborative data environments organizations depend on daily.
A new Identity Risk Visibility feature helps organizations identify and remediate identity-based weaknesses before they are leveraged in an attack. It surfaces high-risk accounts that have excessive privileges, insecure configurations, or poor security hygiene. The system then provides actionable guidance to systematically fix these root causes, helping to stop credential abuse and lateral movement. This intelligence supports stronger zero-trust strategies by enabling the enforcement of least-privilege access and improving overall identity governance.
Furthermore, enhancements to EDR Tamper Protection focus on defending the integrity of security monitoring systems. The upgrade specifically shields Event Tracing for Windows (ETW), a foundational component for Endpoint Detection and Response (EDR) visibility. It prevents adversaries from using advanced techniques to blind or tamper with EDR agents. This ensures that monitoring sensors remain active, telemetry streams are trustworthy, and EDR platforms maintain their detection capabilities during sophisticated attacks, thereby protecting a company’s existing security investments.
These capabilities are integrated into Morphisec’s broader Anti-Ransomware Assurance Suite. The platform leverages its core Automated Moving Target Defense (AMTD) technology, combined with deception-based prevention and deterministic attack disruption. This methodology allows it to neutralize ransomware and advanced threats prior to execution, operating without dependence on traditional detection signatures, behavioral analysis, or constant manual intervention. The suite offers protection across a unified surface including endpoints, identities, cloud workloads, and Linux systems.
(Source: HelpNet Security)
