Thales banner

CipherTrust Transparent Encryption Ransomware Protection

Monitor and block ransomware behavior to protect critical data.

Get in Touch


Effective ransomware defense requires a multifaceted approach

Reliance on baseline security practices using next generation firewalls, secure email/web gateways and focusing on closing vulnerability gaps alone have not been sufficient to prevent ransomware attacks.

The main challenge facing Fortune 500 companies is to safeguard business critical data from being encrypted by unauthorized processes and users on endpoints and servers.


of organizations do not have a formal ransomware plan

Stop ransomware in its tracks

CipherTrust Transparent Encryption Ransomware Protection (CTE-RWP) continuously monitors processes for abnormal I/O activity and alerts or blocks malicious activity before ransomware can take complete hold of your endpoints and servers.

Using CTE-RWP as part of your ransomware defense strategy to protect critical data strengthens your overall security posture and avoids business disruption.

Read our Product BriefConsult a Security Expert

Why You'll Love CTE-RWP

Active Detection

CTE-RWP doesn't rely on known ransomware file signatures. Instead, it monitors active processes to detect ransomware – identifying activities such as excessive data access, exfiltration, unauthorized encryption, or malicious impersonation of a user

Easy to manage

Quickly deploy CTE-RWP as there is no need to configure user access policies. Leverage the same CipherTrust Manager console used for other tools in the CipherTrust Data Security Platform to simplify and unify your data security management

Reliable remediation

Since CTE Ransomware Protection monitors the processes for identifying activities, it will still flag/block the ransomware activity even if the ransomware was installed on the machine first and went undetected


Find out how CTE Ransomware Protection can help your business

Connect with a Thales data security expert for help tailoring a ransomware protection plan to your needs.

Request a Free Consultation

If you look at the scale, complexity and value of what we were trying to do, deploying the Thales CipherTrust Data Security Platform made perfect sense.

Arvin Bansal

Senior Director, Cloud Security and Data Protection AmerisourceBergen

CTE for Ransomware Protection FAQs

What is Ransomware?

Ransomware is a type of malicious software, or malware that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks are both costly and damaging to an organization’s reputation.

How does CTE-RWP defend against ransomware?

CTE Ransomware Protection (CTE-RWP) continuously enforces file/folder level ransomware protection with minimal configuration and no modification to any applications on the endpoint/server. It monitors for any abnormal file activity caused by ransomware infected processes, and alerts or blocks (per user configuration) when such an activity is detected.

Is this all the protection I need against ransomware?

The best defense against ransomware is multifaceted. CTE-RWP monitors processes for abnormal I/O activity on files. Adding a license for CipherTrust Transparent Encryption (CTE) provides additional benefits to guard against ransomware including access policies. There are other means that will decrease your risk factors such as being aware of phishing scams (how malware infects your machines), anti-virus software, and regular data backups. CTE-RWP is a huge step in managing your risks of a ransomware attack.

Is CTE-RWP licensed independently of CipherTrust Transparent Encryption?

CTE-RWP is a separate license purchase from CTE and can be used independently or in combination with a CTE license for multifaceted protection against ransomware. Both are managed through the central user interface within CipherTrust Manager.

Recommended Resources

CipherTrust Transparent Encryption Ransomware Protection

Ransomware has been on the rise since 2020, accounting for 25% of all data breaches. Ransomware attacks can bring business operations to a grinding halt by blocking access to critical data until a ransom is paid. The main challenge facing Fortune 500 companies is to safeguard business critical data from being encrypted by unauthorized processes and users on endpoints and servers.

Strengthen your defense against ransomware attacks with privileged access controls for your encrypted data - Solution Brief

Credential compromise is a leading cause of ransomware attacks because credentials like passwords can be stolen, shared, bought or hacked. Through integration with leading Multi-Factor Authentication (MFA) providers, MFA for CipherTrust Transparent enables organizations to add an additional layer of protection for sensitive data, dynamically at the access point.

Répondre à la menace grandissante des ransomwares

La protection et la prévention des ransomwares sont cruciales dans le monde actuel du travail à distance. Explorez les meilleures pratiques en matière de ransomware pour protéger vos données contre cette cybermenace.

Cadre de cybersécurité du NIST et orientation sur les ransomwares

Le centre d'excellence national américain en matière de cybersécurité (NCCoE), sous les auspices du NIST, a récemment publié son guide sur les ransomwares afin de protéger les actifs contre les attaques par ransomware.

Comment les rançongiciels utilisent les protocoles RDP (Remote Desktop Protocol) non protégés

Les attaques de ransomware ciblant les entreprises dans divers secteurs ont explosé en 2020. Comme de nombreuses entreprises ont mis en place le travail à domicile pour s'adapter à la pandémie, les points de terminaison du protocole RDP (Remote Desktop Protocol) non protégés ont été massivement utilisés comme vecteur d'attaque clé pour les attaques de ransomware.

Protégez votre entreprise contre les attaques de ransomware avec la solution de sécurité des données de Thales

Les ransomware sont un type de programme malveillant vicieux utilisé par les cybercriminels pour bloquer l’accès d’entreprises ou d’individus aux fichiers, bases de données ou systèmes informatiques complets essentiels à leurs activités, jusqu’à ce que la victime paie une rançon. C’est une forme de cyber-extorsion.

Related Products