GREG EDWARDS wants channel pros to continue using layered security to protect clients against ransomware, but when it gets through anyway, the CEO of startup CryptoStopper says his solution detects and stops an attack in milliseconds.
The former MSSP developed CryptoStopper for his own company, started selling it direct in 2019, and in April 2021 rolled out a partner program. He’s now fully focused on the channel.
CryptoStopper uses deception technology rather than behavioral analysis, which products like Sophos or SentinelOne use, Edwards (pictured) explains. “We use ‘bait files’ that we deploy throughout the network to watch for the action of ransomware.” The bait files have 26 different extensions that mimic what users would have on a network, he says, such as Word or Excel files. An algorithm watches for encryption. “Once [ransomware] is detected, then we take automated action on that and isolate it from the network so that it doesn't continue doing damage.”
By stopping ransomware in less than a second, Edwards says, the damage is mitigated to “just a few files damaged as opposed to the entire network down.”
Pricing starts at $2 per endpoint per month. “We’ve a price point that's low enough that [MSPs] can even just add it to the stack and not have to go resell to their clients, or if they want to, they can upcharge.” CryptoStopper currently integrates with ConnectWise, Kaseya, and Datto, so MSPs can roll it out through their RMM, says Edwards.
An exfiltration detection capability has been in beta and was expected to be available mid-July. Next on the roadmap is ransomware detection on cloud file shares like Dropbox and OneDrive, Edwards says. “That's where we see the ransomware attackers will go next, is stealing from the cloud.” Availability is expected in the third quarter.
With CryptoStopper, Edwards says, MSPs can tell their clients, “We’re taking care of the ransomware problem, and we're not only doing risk mitigation, but damage mitigation.”