Forum Discussion

Mitchel_Erb's avatar
6 years ago

Ransomware Monitoring

Curious if anyone is leveraging LM for first line Ransomware detection.  Reading indicators typically include a high number of file name changes on the server/PC.  Seems like that would be something that LM could help us identify early on and alert out to take action before additional servers are compromised.  Looks like a working number is about 4 renames a second for the threshold.