Ransomware Response FAQ

Overview

Blackpoint's Ransomware Response is an automated, anti-ransomware capability built directly into SNAP-Defense, our proprietary security operations and incident response platform. When you fully deploy the SNAP-agent across all your endpoints, you are pre-emptively protected against all types of ransomware, including mass, live-off-the-land attacks as well as drive-by, click-based attacks that occur within seconds and show no prior events identifiable through threat hunting. This is a free capability that helps Blackpoint extend our lead in the detection and response effort against modern-day cyberthreats.

Ransomware Response Highlights

  • Ransomware Response acts as a final, automated line of defense against third-party products operating with the highest permission levels possible such as remote monitoring and management (RMM) tools.
  • Ransomware Response, in conjunction with Blackpoint’s MDR technology and expert SOC team, gives customers peace of mind that they are protected against all types of ransomware: mass, live-off-the-land attacks and click-based, drive-by attacks.
  • Ransomware Response automatically stops ransomware in its earliest stages. Customers can focus on value-add operations and initiatives knowing that we are safeguarding their networks within seconds in case of ransom.
  • Ransomware Response is directly embedded in our MDR technology, so customers are automatically receiving this automated protection when they deploy our agent as part of their onboarding process. No further setup or calibration is required. 
  • Part of the integrated Blackpoint ecosystem, Ransomware Response further bolsters customer’s end-to-end security posture so they can obtain ideal cyber insurance coverage.

Frequently Asked Questions

How does Ransomware Response work with other EDR products?

Blackpoint MDR's Ransomware Response functionality works seamlessly with existing endpoint security solutions by monitoring suspicious activity. We have not seen any conflicts between our Ransomware Response capability and other EDR products.

Does Ransomware Response replicate some or all of ransomware protection provided by other EDR products?

While other EDR products may include ransomware protection, Blackpoint’s approach is different. Ransomware Response acts as an additional layer of automated defense against all types of ransomware: mass, live-off-the-land attacks as well as click-based, drive-by attacks. Ransomware Response automatically alerts and responds to prevent malicious processes from taking any further actions.

Does this new capability remove the need for an EDR like SentinelOne or CrowdStrike, for example?

There is no requirement to run an additional EDR solution. However, Blackpoint recommends using a next-gen anti-virus (AV) solution alongside the Blackpoint MDR agent.

Do I need to deploy additional software or change configuration to enable Ransomware Response?

No. Ransomware Response is built directly into SNAP-Defense, our proprietary security operations and incident response platform. When customers fully deploy the SNAP-agent across all their endpoints, they automatically receive protection.

What do I need to do to ensure I am ready to receive the Ransomware Response capability?

The only thing you need to do is ensure all endpoints in your environment have successfully installed the SNAP-agent.

Is there an additional cost for Ransomware Response?

No. Ransomware Response is a free capability automatically available to all Blackpoint partners.