Ransomware protection for on-premises systems and infrastructure is the goal of the latest release from “smart infrastructure” vendor Nebulon. Credit: iStock Smart infrastructure provider Nebulon today announced the immediate availability of TripLine, an early warning system for cryptographically based ransomware attacks on on-premises systems. It’s designed to quickly identify the precise time and system location where an attack has occurred.Nebulon said that the new service uses two techniques to achieve this aim. The first is the “secure enclave,” which is a domain isolated from the infrastructure that includes core management and storage functions. Second, it embeds the TripLine functionality into the company’s core Nebulon ON cloud control plane.Ransomware is malware that typically encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.TripLine, according to the company, works by identifying encrypted vs. unencrypted blocks in a user’s storage arrays. Twice a minute, the results of that calculation are sent to the Nebulon ON cloud service, which compares it to the usual average of encrypted blocks — if the system notices a sudden increase in encrypted blocks, it generates an alert. Protecting server-based infrastructureThe idea is to provide a secure alternative to hyperconverged infrastructure systems, which, according to Nebulon, are highly vulnerable to encryption attacks because there’s no isolation between infrastructure and the applications running on them. Even anti-cyberattack systems that rely on snapshotting can become corrupted, making it much more difficult to recover from such an attack.“This leaves enterprises with no choice but to re-install and reconfigure operating systems and clustering software, then recover application data from backup servers which have also likely been compromised,” Nebulon said in a press release. According to David Vellante, an analyst and co-founder of SiliconANGLE, there are other ways to get the functionality that TripLine provides, but the idea of having an out-of-the-box solution for this particular niche — given Nebulon’s position as a provider of cloud-like management functionality for on-premises systems — is attractive.“From what I can tell, they’re combining threat detection with an isolation architecture using secure enclaves, which is a relatively new approach first popularized by cloud players like AWS via their Arm-based Nitro system,” he said. “So this has certain aspects of that capability — i.e. isolation, cloud native experience – but it brings this capability to on-prem infrastructrure.”Nebulon also announced smartDefense, an infrastructure security toolkit that includes threat vector detection and a secure boot system that maintains a known-good configuration for further defense against cryptographically based ransomware attacks.Both smartDefense and TripLine are available today, and are part of Nebulon’s all-inclusive licensing for its ON Pro and ON Edge suites. Those products are sold via server vendor partners like HPE, Lenovo and Dell, and priced on a per-server, per-term basis. Related content news Amazon debuts biometric security device, updates Detective and GuardDuty Amazon’s latest security offerings, announced at its re:Invent conference, cover everything from advanced biometrics to new tools for defeating runtime and cloud threats, including identity and access management (IAM) capabilities. By Jon Gold Nov 29, 2023 3 mins Biometrics Security Monitoring Software Threat and Vulnerability Management news Almost all developers are using AI despite security concerns, survey suggests About 96% of developers are using AI tools and nearly eight out of 10 coders are bypassing security policies to use them, while placing unfounded trust into AI’s competence and security, according to the report by Snyk. By John Mello Jr. Nov 29, 2023 4 mins Development Tools Security Practices Supply Chain news FBI probes Pennsylvanian water utility hack by pro-Iran group Federal and state investigations are underway for the recent pro-Iran hack into a Pennsylvania-based water utility targeting Israel-made equipment. By Shweta Sharma Nov 29, 2023 4 mins Cyberattacks Utilities Industry feature 3 ways to fix old, unsafe code that lingers from open-source and legacy programs Code vulnerability is not only a risk of open-source code, with many legacy systems still in use — whether out of necessity or lack of visibility — the truth is that cybersecurity teams will inevitably need to address the problem. By Maria Korolov Nov 29, 2023 9 mins Security Practices Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe