
Overview

During an active ransomware attack, Airgap’s Ransomware Kill Switch™ enables customers to respond quickly and minimize the damage by isolating infected hosts, so that business operations can resume as quickly as possible.
On-demand CSIR incident response effectiveness
Take immediate actions to surgically stop ransomware C&C and secure IT and OT with protocol segmentation.
Know your Cyber Hygiene. Is patching your answer?
Legacy NGFW patching cannot solve the Ransomware problem. Use an agentless, risk-based asset inventory vulnerability management strategy.
Time-based IAM access control
Assess all IAM threat vectors and deploy MFA everywhere with real-time and zero-trust enforcement with directory changes.
Verify and secure your last line of defense
Be 100% sure that intruders cannot discover, disable and encrypt your backup. The restore process needs to be practiced and reported frequently.

Our Approach

Plan Ahead and align with Risk-Based Security Policies
Preparation is key to implementing a rapid incident response to become Ransomware ready. The goal is to prepare step-by-step frameworks for IR teams to quickly implement in response to a ransomware attack. Incorporating Airgap’s Ransomware Kill Switch™ as a tool to implement IR playbooks will enable customers to isolate and contain ransomware infections within minutes, not days or weeks, minimizing the impact of ransomware to business operations.
  • Compile a list of all assets through device discovery, classification, and profiling
  • Rank the risk of the assets and monitor host communication events
  • Perform Zero Trust network segmentation and isolation for IT/OT/IOT devices and remove the interdependency from applications and networks
Detection and Analysis
Airgap integrates with leading Endpoint Detection and Remediation (EDR) solutions to assess risks of compromise inside the network or remote endpoints so IT/OT admins can react quickly when an EDR system has detected suspicious network and host activity that may be indicative of a breach within the network.
Containment, Eradication & Recovery
Containment aims to minimize the impact to business operations. Airgap’s Ransomware Kill Switch™ has been purposefully designed as a means for security administrators to quickly isolate infected hosts and endpoints, and to isolate non-infected hosts, devices and servers so that business operations can resume. Airgap’s Ransomware Kill Switch™ isolates hosts at multiple levels: at the network level and at the host level. Host isolation locks down access to non-infected hosts so that only the critical applications continue to be accessed by non-infected hosts. The impact on the user experience is minimal, if noticed at all, as critical business operations continue to operate.
Post-incident Activity
No IR process can account for every possible ransomware scenario. Some scenarios can’t even be defended against until they’ve occurred. As the ransomware threat landscape is ever-adapting, your incident response processes will naturally need the occasional update.
  • Airgap data and analytics can be used in the preparation phase for the next incident
  • Gaining insights into the effectiveness of host firewall lockdown policies
  • Improve Airgap’s Zero Trust Isolation™ for enterprise networks to contain infected hosts with real time controls
Unified Management for Zero Trust Network and Application Isolation
By leveraging seamless cloud-delivered SaaS management, Airgap's agentless Ransomware Kill Switch augments and integrates with existing security postures for easy deployment with no forklift upgrades and no agents needed on endpoints and critical infrastructure.

Benefits

For Security Executives
  • Instant security stack upgrade and authentication enforcement on all private and console apps
  • Create a real-time “App store” per user and role for complete security posture
  • No forklift upgrade; share the single Zero Trust Isolation™ management plane. Easy onboarding within minutes, not months
  • Support remote workforce with “cloud-edge” security closer to the users
For Security Ops
  • Secure backup and recovery system with least privilege access and control
  • Agentless design without error-prone patch management and security configuration silos
  • Control read/write/print granular access policies for compliance and audit reports
  • Integrates seamlessly with SIEM and SOAR platforms and the existing security posture
Success Stories
“With Airgap, we were able to remove the overhead of endpoint malware security products and get better visibility across the board.”
global electronics manufacturing services
Zero Trust Isolation Unleashed
The Unleashed ebook is for anyone who wants to learn about agentless segmentation in depth, understanding how Zero Trust Isolation features truly work.
Ready to see us in action?
Prevent lateral threat movement and stop ransomware propagation by ringfencing every endpoint. Protect high value assets and mission critical infrastructure.