MemCrypt stops known ransomware and unauthorised encryption activity.
MemCrypt detects zero day (never seen before) ransomware as well as the behaviour patterns of known ransomware families. When an untrusted application exhibits ransomware like behaviour such as renaming files in bulk, or performs bulk file encryption, the process will be marked as suspicious and can be stopped by the MemCrypt endpoint.
MemCrypt currently detects the top 30 ransomware variants by attack volume.
The detection and ransomware stop process is fast (subsecond), but in the event that files were encrypted prior to the stop process, MemCrypt offers a unique Recover capability.