Application Catalog

Canauri creates ‘Honeypot files’ that are used as bait by Canauri as it continuously monitors the files for signs of ransomware activity. The honeypot files have random file names, random file extensions and random file sizes. This allows the honeypot files to comingle between company data files and detect the ransomware attack wherever it may start in the protected folder.

The driver feature improves upon the first generation of Canauri that relied on Windows event logging only. Because the driver has visibility to the kernel it can gather more information about an event, and it can do it much faster. This next generation feature for Canauri can detect and stop an attack in a second or less.

For every folder protected by Canauri, native file monitoring can also be enabled. Native file monitoring is a process of recruiting data files to monitor. This feature prevents ransomware from evading detection by skipping hidden files. Monitoring native files, increases the speed of detection as well because now we are seeing the ransomware hit data files and honeypot files at the same time.

Almost every variant of ransomware changes the file extension on files after they have been encrypted so monitoring for X number of file extension changes in X number of seconds is a very good way to detect ransomware activity.

Each Canauri customer account contains a link next to the license key to download a key embedded installer. This installer has the customer key embedded and will install Canauri and link to the customer account automatically. This feature can be scripted for ease of deployment.

When Canauri is installed, it will scan for all directories on the default volume, all user profiles, and all shared drives and protect all areas. The auto protect feature simplifies the installation process by automatically protecting the key ransomware targets.

Canauri allows partners to upload their own logos to the portal and change the background color in the browser.

Canauri is working to develop robust reporting to provide greater visibility to your customers and endpoints. Currently the portal offers an Active Paid License report and an Agent Offline Report. Our development team is working on more reports which will be released soon.