Guardicore steps in against ransomware attacks with latest release


Guardicore has released new features to reduce the complexity of segmentation policy creation and enforcement to more effectively secure complex enterprise environments against ransomware attacks.

According to Forrester’s New Tech: Microsegmentation, Q3 2021 report, “Ransomware, once it gets into a network perimeter via phishing or other threat vector, spreads internally through SMB exploits… and RDP exploits… microsegmentation will slow down the propagation of future ransomware.”

However, Guardicore states that as organisations increasingly adopt cloud, hybrid and OT/IoT technologies, consistent segmentation policy enforcement across operating environments is a primary area of concern.

Addressing this issue, Guardicore’s latest features are designed to simplify policy creation and enforcement, and strengthen ransomware protection across any environment.

Guardicore states it provides coverage for all environments using a single tool with minimum performance and operational impact.

The company creates silos between servers, operating systems, cloud instances, and applications to prevent, detect, and remediate ransomware and advanced attacks.

Guardicore’s latest features and benefits include the following:

AI labelling and policy suggestion: Implementing effective segmentation begins with mapping assets and ends with enforcing policy. Neither are inherently simple tasks.

Guardicore’s latest release tackles both of these challenges. AI labelling that leverages advanced machine learning techniques trivialises the asset mapping phase.

Policy suggestions clear the road to enforcement by automatically suggesting the most impactful policies based on uncovered workflows and dangerous or unnecessary traffic patterns.

Agentless visibility and control: Host-based agents are not always viable, such as in OT environments, IoT devices, legacy mainframes, and medical devices.

In order to ensure protection in these types of environments, Guardicore has built an agentless solution, or collector, that offers both visibility and enforcement.

Network administrators can configure their switches and flow aggregators like Gigamon, IXIA, and many others to share telemetry and…

Source…