Details and registration here.

Ransomware Damage Remains High; AI Advancements Increase Risk of Exploiting Vulnerabilities Ransomware attacks continue to plague major corporations, causing business disruptions, data breaches, and supply chain impacts, posing serious threats to business continuity. Accelerating this situation is the advancement of AI, which speeds up the discovery and exploitation of vulnerabilities. With the advent of generative AI that enhances vulnerability discovery, the cycle, which previously took about a week from discovery to attack, has been reported to be shortened to within 24-48 hours in some cases. This leaves almost no grace period for patch application, further increasing the risk of attacks occurring before security personnel can respond. Furthermore, EDR, a key defense mechanism, inherently struggles to completely stop intrusions due to its "behavioral detection" nature, highlighting its fundamental limitation where some data may be encrypted during the detection time lag.

EDR is Evaded and Stopped; Encryption Attacks Go Undetected Due to Exploitation of Zero-Days and Legitimate Operations While many companies have introduced EDR, it is not uncommon for them to be unable to fully leverage its capabilities. Attackers evade or disable detection by forcibly terminating EDR processes or exploiting legitimate system functions to launch encryption attacks. In the case of attacks exploiting zero-day vulnerabilities, EDR alone has limitations in its response. Moreover, in companies lacking dedicated security personnel, alerts are often postponed for investigation and response, increasing the risk of overlooking signs of intrusion. The perception that "we are safe because we have EDR" can inadvertently obscure vulnerabilities in our defenses. If an encryption attack occurs with EDR disabled, system downtime can result in catastrophic damage directly impacting business continuity. There is a need for a mechanism that can prevent encryption even if EDR is stopped, serving as a "last line of defense" in addition to technical measures.

Proprietary Multi-Layered Defense Solution Specialized for Ransomware Attack Countermeasures This seminar will introduce "KeepEye RansomSafe," a solution developed by S&J, combining their expertise gained from SOC operations with their in-house development capabilities, specifically focused on stopping ransomware encryption before it executes.

KeepEye RansomSafe can be added as a complementary solution to existing EDR. It is designed to automatically detect and recover from attacks even if an attacker forcibly terminates the EDR process, by continuously monitoring multiple processes. It also identifies and stops fileless memory deployment attacks and disguised attacks that inject code into legitimate processes. It supports pre-verification through detection modes to suppress false positives, allowing for phased implementation while assessing the impact on the existing environment. To accommodate environments without dedicated security personnel, online consultations (up to 60 minutes) during emergencies are included in the contract. We will explain the approach to realistically achieve multi-layered defense against ransomware attacks that cannot be fully prevented by EDR alone, along with its specific mechanisms. Additionally, this seminar will feature actual demo videos to showcase how the solution functions against ransomware attacks.

Organizer/Co-organizer S&J Inc.

Cooperation Majisemi Inc.

Details and registration here

Majisemi will continue to hold webinars that are "useful for participants."

Past seminar presentation materials and other upcoming seminars can be viewed ▶here.

Majisemi Inc.

3-12 Kioicho, Chiyoda-ku, Tokyo 102-0094 Inquiries: https://majisemi.com/service/contact/

FACT BOX

  • Source: PR TIMES
  • Category: セミナー