Acronis Cyber Protect Cloud
For service providers

Application Catalog

Integrations with the tools and services you know and trust
Integration: Canauri
Category: Endpoint Security
Company: Canauri

Canauri Ransomware Protection

Canauri was designed to detect and stop actively running ransomware. Canauri protects endpoints by deploying hidden honeypot files to the protected folder. Canauri monitors these hidden honeypot files for ransomware activity and reacts in the event of a ransomware attack. Canauri also has advanced monitoring features like native file monitoring and extension change monitoring.
  • Acronis
  • Acronis
  • Acronis
  • Acronis
  • Acronis
  • Acronis
  • Acronis
  • Acronis

Canauri Portal

The portal is the central management system for Canauri agents. You can create new customer accounts, update notification and endpoint settings, and monitor agent status from the portal.


Honeypot Files

Canauri creates ‘Honeypot files’ that are used as bait by Canauri as it continuously monitors the files for signs of ransomware activity. The honeypot files have random file names, random file extensions and random file sizes. This allows the honeypot files to comingle between company data files and detect the ransomware attack wherever it may start in the protected folder.


The driver feature improves upon the first generation of Canauri that relied on Windows event logging only. Because the driver has visibility to the kernel it can gather more information about an event, and it can do it much faster. This next generation feature for Canauri can detect and stop an attack in a second or less.

Native File Monitoring

For every folder protected by Canauri, native file monitoring can also be enabled. Native file monitoring is a process of recruiting data files to monitor. This feature prevents ransomware from evading detection by skipping hidden files. Monitoring native files, increases the speed of detection as well because now we are seeing the ransomware hit data files and honeypot files at the same time.

Extension Change Monitoring

Almost every variant of ransomware changes the file extension on files after they have been encrypted so monitoring for X number of file extension changes in X number of seconds is a very good way to detect ransomware activity.

Embedded Key Installer

Each Canauri customer account contains a link next to the license key to download a key embedded installer. This installer has the customer key embedded and will install Canauri and link to the customer account automatically. This feature can be scripted for ease of deployment.

Auto Protect Functions

When Canauri is installed, it will scan for all directories on the default volume, all user profiles, and all shared drives and protect all areas. The auto protect feature simplifies the installation process by automatically protecting the key ransomware targets.

Portal White Labeling

Canauri allows partners to upload their own logos to the portal and change the background color in the browser.


Canauri is working to develop robust reporting to provide greater visibility to your customers and endpoints. Currently the portal offers an Active Paid License report and an Agent Offline Report. Our development team is working on more reports which will be released soon.

Can’t find your favorite tool or service?
With the Acronis Cyber Protect Cloud platform, developers, software vendors and service providers can build new applications and share them with the Acronis community. Building a new application is fast and easy with a powerful low-code CyberApp Standard development framework. You can build a new integration or nominate your favorite tool for integration.