CryptoStopper™ Features
Software to detect and stop ransomware
CryptoStopper™ Product Tour
Stop actively running ransomware with our detection software
CryptoStopper™ is proven ransomware detection software to stop actively running ransomware infections on Windows workstations and servers. Want to try it for yourself? Check out our free ransomware simulator to see how CryptoStopper™ works!
Watcher files
CryptoStopper™ uses deception technology to detect ransomware. During the installation process, decoy files are strategically deployed. We call these Watcher Files. When ransomware begins the encryption process, CryptoStopper™ detects it in real-time and takes action.
Quick setup
Cyber security tools don’t need to be over burdensome. CryptoStopper™ doesn’t require additional hardware for you to maintain. Our ransomware detection software will have you protected in a matter of minutes.
Fast acting
When ransomware attacks, CryptoStopper™ takes swift action. An administrative alert is sent to your security team with critical details about the attack. The infected workstation is automatically shutdown to prevent further network damage.
Always watching
With the Watcher Files deployed, CryptoStopper™ is continually monitoring for nefarious encryption activity. Even if the Watcher Files are deleted they self-heal and are protecting you again in milliseconds.
Signature-less
Unlike Anti-Malware, CryptoStopper™ is signature-less. Because CryptoStopper™ is watching for the encryption action itself, it will always detect the activity of encryption rather than detecting the specific variant of ransomware running.
Unavoidable
Ransomware can’t avoid tripping over the Watcher Files. The Watcher Files are randomly generated to avoid detection. We are continually researching the latest ransomware variants to ensure CryptoStopper™ remains unavoidable.
See WannaCry and CryptoStopper™ work in real time
Watch CryptoStopper™ detect and respond to a WannaCry ransomware attack.
Feature Comparison
| Anti-Malware | CryptoStopper™ | |
|---|---|---|
| Always-on protection | ✓ | ✓ |
| Active defense | ✓ | ✓ |
| Signature-less detection | ✓ | |
| Deception technology | ✓ | |
| Server protection | ✓ |
CryptoStopper™ System Requirements
CryptoStopper Workstation
Windows 7
- Service Pack 1
- WMF 3.0
- 64-bit versions, Windows6.1-KB2506143-x64.msu
- 32-bit versions: Windows6.1-KB2506143-x86.msu
Windows 8, Windows 8.1 & Windows 10
- No Prerequisites
CryptoStopper Server
Windows Server 2008 R2
- Service Pack 1
- WMF 3.0 (KB2506143-x64.msu)
- SBS not supported
Windows Server 2012, 2016 & 2020
- No minimum requirements, its ready to go.
Network Requirements – Domain Environment
Frequently Asked Questions
Signature based products like anti-virus are not able to detect zero-day threats and AV is only about 43% effective. Ransomware gets past your traditional defenses by using social engineering attacks against the company employees whom are not consistently able to distinguish a phishing email from a valid email. To make matters worse fileless ransomware attacks only require an employee to visit a site to start a ransomware attack that runs solely in memory. No files touch the disk so AV never detects it.
We offer a 60 day money back guarantee. No other guarantee.
Yes. CryptoStopper™ uses an algorithm to monitor specially crafted WatcherFiles™. When Ransomware attacks your server, CryptoStopper™ correlates the offending user and immediately isolates that user. It simultaneously notifies the admin via email.
Yes, we offer a 60 day money back guarantee.
The average time to detection is :09 seconds.
Instead of monitoring each endpoint with CryptoStopper™, we monitor the data that sits on the file server, and again once a threshold is met, we flag that as ransomware.
Setting the archive bit will not activate CryptoStopper™ since setting the archive bit doesn’t modify the file. The archive bit is simply an attribute of the file.
CryptoStopper™ is extremely lightweight. The software only monitors the files that it creates so it’s not burdened by watching thousands of files.
Yes. WatchPoint provides automatic updates to CryptoStopper.
A typical install will take 15 minutes or less.
Yes, we have a beta version available now. Click here to download.
No, your backup only updates the archive bit and doesn’t modify the file.
CryptoStopper™ will detect all ransomware.
No. The software is not a HIPs. We monitor the data to look for an excessive amount of changes. Once that threshold is met, we know it’s ransomware or possibly an anomaly that should be investigated immediately.
CryptoStopper™ should be installed on your server to monitor for infections.
Potentially, although the false positives should be minimal we have found instances where a program folder is located in the same path as a protected shared folder. If the software is reinstalled you will get a false positive.
Still not sure?
If you’re not quite ready to buy, you can learn more about ransomware and what CryptoStopper™ does to protect you.