Integrity Scan
The Elastio Command-Line Interface (CLI) includes an Integrity Scan (iScan) subsystem, accessible through the elastio iscan command. This powerful tool detects threats such as ransomware, malware, non-ransomware encryption, and file system corruption across a variety of data assets.
Key Features of iScan
- Agentless Architecture: Operates without the need for installation on production hosts, ensuring minimal impact on workloads.
- Comprehensive Detection:
  - Ransomware and malware threats.
  - Non-ransomware encryption activity.
  - File system corruption.
- Off-Host Analysis: Conducts scanning on backups, file systems, block devices, and object storage without relying on agents, improving detection, isolation from threat actors, and scalability.
- Real-time Analysis: Conducts real-time integrity scans when backups or storage assets are created for detailed insight into ransomware, malware, and insider threats.
Comprehensive Ransomware Protection
Versatile Coverage
The elastio iscan command supports a wide range of assets, ensuring comprehensive coverage across various environments, including:
- AWS Resources:
  - EBS volumes and snapshots
  - EC2 instances
  - AMIs
  - EFS
  - S3 buckets
- File Systems:
  - NTFS, FAT, Ext2-Ext4, and XFS
  - Local paths
- Backup Recovery Points:
  - Any read-only mount point from backup vendors' recovery points
- Azure Resources:
  - Virtual Machines (VMs) and managed disks
Ransomware Detection
Identifies both detonated and pre-detonated ransomware using our AI/ML ransomware intelligence engine, RansomwareIQ. It stays ahead of novel ransomware threats, detecting ransomware encryption that no other solutions can. Elastio reverse-engineered over 2,300 ransomware families and thousands of variants to build an adaptive model that precisely identifies ransomware encryption down to individual variants in individual files. Rather than rely on anomaly detection and signature-based scanning methods, which are easily bypassed, Elastio provides true AI-powered security for your last line of defense.
Non-Ransomware Encryption Detection
Identifies abnormal encryption patterns indicative of insider threats and non-ransomware activity, providing an additional layer of security.
Malware Scanning
An enterprise-grade malware engine identifies the most recent malware signatures and enables rapid and accurate identification of established malware, ensuring prompt response to recognized threats.
File System Integrity Checks
Elastio's File System Integrity Checks are designed to ensure the structural soundness and recoverability of your file systems. By verifying the integrity of AWS Backup recovery points and snapshots, Elastio helps maintain data reliability and facilitates seamless restoration processes.
Integration with Existing Tools
Scan results can be integrated with Security Operations Centers (SOCs), Security Information and Event Management (SIEM) systems, or Cloud-Native Application Protection Platforms (CNAPP) via webhooks, facilitating seamless incorporation into existing security workflows.
Usage Example
To perform an Integrity Scan on an AWS EBS volume, execute the following command:
Replace <aws-ebs-volume-id> with the actual EBS volume ID. Additional options are available to tailor the integrity scan to specific needs, such as focusing solely on malware detection or enabling entropy detection.
By leveraging the Elastio CLI's Integrity Scan feature, organizations can enhance their ransomware protection strategies, ensuring robust resilience against ransomware threats.