
The solution automatically detects and remedies attacks
Statistica recently confirmed something we all already knew.
In 2020, when covid-19 first emerged, ransomware attacks increased significantly.
Theyād been pretty much stable for three years up until that point. But, for some people, the pandemic was apparently an opportunity. In a single calendar year, worldwide ransomware attacks increased by 62%.
The increase is alarming, of course. And what surely makes it more alarming is theĀ characteristicsĀ of certain attacks. In 2020, we know criminals used things like āvaccine informationā and promises of financial assistance to trick victims ā who were of course mostly working remotely, whichĀ KPMG suggests increases risk.Ā Ā
Itās clear the threat landscape is changing rapidly alongside social changes. Ransomware remains a major security threat and becomes more and more efficient and successful with each iteration. Cyber criminals are extremely agile and adapt very quickly to new market situations, becoming increasingly sophisticated in getting through security barriers.
And thatās precisely why (or at least one of the reasons!) Iām so excited about a new direct integration between Rubrik and Palo Alto Networks. Because the integration gives companies the ability to detect and remedy ransomware automatically.
āAutomation at its finestā
The solution relies on technology from Rubrik. But it also relies on technology from Palo Alto. In fact, it combines the two to build something thatās definitely more powerful than the two technologies summed.
From Rubrik, you get the ability to monitor files, classify files and detect anomalous file changes (which is of course an indicator of a ransomware attack).
Next, technology from Palo Alto Networks gives you the power to take action automatically. For a long time our industry has discussed the power of automation. If you ask me, this is automation at its finest.
The alliance makes detecting threats simple, as weāve already discussed. It also generates rich incident analyses ā which can be automated. Crucially, it allows teams to recover from ransomware attacks (by reverting to automatically saved backup files) extremely quickly. In fact, just one mouse click is all it really takes.
From what Iāve seen of the technology, this all takes place remarkably quickly. A threat is detected. Itās analysed. Automated processes can halt the potential attack.
The potential attack can then be checked by a human. And, should our human confirm the potential attack is in fact ransomware, automated processes can execute an automatic recovery.
Several security problems solved
For me, what makes the new solution so exciting is it solves so many of the issues that plague security teams today. Alert fatigue, for example: Security teams forever face an increasing barrage of noise, and the louder this becomes, the more difficult responding to alerts is.
Especially when a response is manual āĀ and involves multiple, siloed security solutions.
The Rubrik and Palo Alto Networks partnership seems to tackle all the above problems simultaneously. Itās like a single bowling ball knocking down multiple skittles at once.
An extraordinary advance
From my perspective, it seems quite hard to overstate the benefits of the new solution. If you imagine a ransomware attack without the solution ā with the chaos that would inevitably ensue, the lost productivity and the drawn-out post mortem ā the advance is truly extraordinary.
Files are classified and monitored automatically. Following a potential incident, you get to see which files were affected, when and how. You can recover in a single mouse click. Threat detection speeds are minimal. Recovery speeds skyrocket.
Iām not going to say the new solution renders ransomware threats redundant, because it doesnāt. But it does reduce the need to worry about a threat that occupies so much mental bandwidth; a threat thatās constantly evolving and a threat that, unfortunately, remains lucrative to cyber criminals.
We all know automation needs to become a security priority. Weāve known that for a long time.
The Rubrik and Palo Alto integration unleashes automation at its finest.
Both channel partners and end users should definitely take note!
This post was written by Denis Ferand, VP of Vendor Alliances. Those interested in Rubrikās direct integration with Palo Alto Networksā Cortex XSOAR can contact us for training, case study references, and lead-gen campaigns and ideas.