What’s New Halcyon? Linux Detections and DXP Enhancements

Written by
Published on
Nov 1, 2024

Halcyon is excited to announce new improvements to the Anti-Ransomware Platform, continuing our commitment to helping our customers avoid business disruption caused by a successful ransomware attack.  

This release includes several important capabilities that improve our detection capabilities on Linux systems as well as a new way to detect attackers attempting to steal your data. For complete details, review the release notes.

  • Linux Detection Improvements: Halcyon Linux Agent fully supports the Bad File Extension feature. When an untrusted process attempts to create or rename a file with an untrusted extension, an event is sent to the cloud, triggering a unique alert for each combination of file artifact SHA256 and untrusted extension.
  • Data Exfiltration – Volumetric Detection: Halcyon DXP can now send volume threshold limits to the cloud. This new capability enables the upcoming release of Nefarious Data Volume alerts in an upcoming user interface release.
  • Improved Logging Infrastructure: We are continuing to improve our ability to log events to syslog on Linux and Event Viewer on Microsoft Windows systems in future Halcyon Agent updates

In addition to these updates, here are several interesting updates to the web console:

  • The Overrides page now has a Host tab -- this is the future home for DXP alert overrides.  
  • Users with the PowerUser role can now access and modify the list of users within a tenant.
  • There is now text in the Overrides explaining the nature and impact of each override.

 

Halcyon.ai eliminates the business impact of ransomware, drastically reduces downtime, prevents data exfiltration, and enables organizations to quickly and easily recover from attacks without paying ransoms or relying on backups – talk to a Halcyon expert today to find out more. Halcyon also publishes a quarterly RaaS (Ransomware as a Service) and extortion group reference guide, Power Rankings: Ransomware Malicious Quartile, and check out the Recent Ransomware Attacks resource site.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.