Get a Free Report of the Software Running in Your Environment - Including Risks & Countries of Origin


What Is Ransomware?

Ransomware is malicious software that encrypts files, locking a victim out of their confidential data. If the victim pays the ransom, they may receive a decryption key that will restore their files and data access. If the demanded ransom is not paid, the threat actor may leak their data-on-data leak sites (DLS) such as the dark web and/or permanently block access to their files. As ransomware is distributed by cybercriminals, there is no guarantee that files will be decrypted if the ransom is paid, or that data wasn’t immediately leaked onto the dark web.

How to Stop Ransomware With ThreatLocker®

Application Allowlisting denies all executables, libraries, and scripts from executing, except those that are explicitly permitted to run in an environment.

Graphic of ThreatLocker computer showcasing Allowlisting and Ringfencing

Preventing Unauthorized File Encryption

Many cybercriminals use legitimate encryption tools such as 7-Zip to encrypt files. By using Allowlisting, legitimate tools that have not been explicitly allowed, including those that could be used to encrypt data, are blocked.

Illustration of files being locked down.

Streamlining Allowlisting

The process of deploying Allowlisting is extremely simple. ThreatLocker® learns what is required in your environment and, once secured, blocks everything else.

ThreatLocker Allowlisting Application Control Icon