Better Together:
Halcyon + EDR

Halcyon complements EDRs by detecting ransomware attacks that bypass EDR tools, including exfiltration attempts. It also monitors for and detects any attempts to tamper with or disable EDR systems.

Halcyon Supplements EDR and XDR Tools

Halcyon breaks the ransomware attack chain, providing a complete defense to protect your business.

1

Supplemental   Ransomware-focused   Protection

EDR tools address a broad range of threats but lack specialization, allowing some attackers to bypass their controls. Halcyon adds a dedicated ransomware security layer specifically designed to stop the ransomware threats missed by EDR tools.

2

Safeguards Your EDR

One of the first things ransomware attackers often do is tamper with EDR tools to evade detection. Disabling EDR and EPP tools quickly expedites the deployment of ransomware tools and increases the dwell time until discovery. Halcyon doesn't just stop ransomware, it monitors your EDR, preventing tampering and evasion.

3

Ransomware Recovery

If ransomware bypasses your endpoint protection and Halcyon, we can quickly restore files to their original state. Halcyon captures the symmetric encryption keys ransomware uses to lock files, and our RDR team decrypts impacted data.

Close The Ransomware Protection Gap

EDR and backup solutions are essential — but not enough. Halcyon works alongside your existing security tools to defeat ransomware and extortion.
Endpoint

104%

Increase in successful ransomware attacks in the past 2 years
EPP/EDR/XDR
The Ransomware Gap
ANTI-RANSOMWARE
HALCYON: RANSOMWARE RESILIENCE + RECOVERY LAYER

How it Works Across the Attack Chain

INITIAL ACCESS
REMOTE ACCESS
PRIVIlege escalation
ENVIRONMENT Enumeration
credential Harvesting
Lateral Movement
Security Bypass
DATA EXFILTRATION
Backup DESTRUCTION
DATA ENCRYPTION
INITIAL ACCESS
Halcyon detects when attackers use malicious executables, brute force attempts, or command and control (C2) infrastructure to access your environment.
PREVENTION
DXP
After gaining initial access, attackers typically use remote access tools to carry out their attacks more effectively. Halcyon detects this activity, creating alerts for immediate investigations.
PREVENTION
DXP
Halcyon alerts and interrupts an attacker's attempt to escalate user privileges using malicious executables or vulnerable kernel drivers. 
PREVENTION
KERNEL GUARD
Halcyon identifies when an attacker attempts to enumerate your environment for recon and intel gathering, to make their attack ultimately more effective. 
PREVENTION
Halcyon understands attackers' methods to harvest valid user credentials, detecting and preventing their actions automatically. 
PREVENTION
Halcyon detects and prevents when attackers attempt to move laterally across your environment. For example, when using an RMM tool to try and connect to machines in environment, Halcyon can halt their progression. 
PREVENTION
Halcyon employs unique features like EDR Last Gasp and Tamper Guard to protect against attackers' attempts to bypass and disable security products in real-time. 
LAST GASP
TAMPER GUARD
Halcyon Data Exfiltration Protection (DXP) acts as an early warning system alerting you of an attacker's attempt to steal your data, yet to be caught by other security tools.
DXP
Halcyon can detect and disrupt an attacker attempting to gain initial access into your environment using malicious executables, brute force attacks, or command and control (C2) infrastructure.
BEHAVIORAL
DXP
Halcyon's ability to decrypt data using captured key material allows for an alternative recovery path if data is encrypted during a ransomware event. 
BEHAVIORAL
KEY CAPTURE

How it Works Across the Attack Chain

INITIAL
ACCESS
REMOTE
ACCESS
PRIVIlege
escalation
ENVIRONMENT
enumeration
credential
Harvesting
Lateral
Movement
Security
Bypass
DATA
EXFILTRATION
Backup
DESTRUCTION
DATA
ENCRYPTION
INITIAL ACCESS
Halcyon detects when attackers use malicious executables, brute force attempts, or command and control (C2) infrastructure to access your environment.
PREVENTION
DXP
After gaining initial access, attackers typically use remote access tools to carry out their attacks more effectively. Halcyon detects this activity, creating alerts for immediate investigations.
PREVENTION
DXP
Halcyon alerts and interrupts an attacker's attempt to escalate user privileges using malicious executables or vulnerable kernel drivers. 
PREVENTION
KERNEL GUARD
Halcyon identifies when an attacker attempts to enumerate your environment for recon and intel gathering, to make their attack ultimately more effective. 
PREVENTION
Halcyon understands attackers' methods to harvest valid user credentials, detecting and preventing their actions automatically. 
PREVENTION
Halcyon detects and prevents when attackers attempt to move laterally across your environment. For example, when using an RMM tool to try and connect to machines in environment, Halcyon can halt their progression. 
PREVENTION
Halcyon employs unique features like EDR Last Gasp and Tamper Guard to protect against attackers' attempts to bypass and disable security products in real-time. 
LAST GASP
TAMPER GUARD
Halcyon Data Exfiltration Protection (DXP) acts as an early warning system alerting you of an attacker's attempt to steal your data, yet to be caught by other security tools.
DXP
Halcyon can detect and disrupt an attacker attempting to gain initial access into your environment using malicious executables, brute force attacks, or command and control (C2) infrastructure.
BEHAVIORAL
DXP
Halcyon's ability to decrypt data using captured key material allows for an alternative recovery path if data is encrypted during a ransomware event. 
BEHAVIORAL
KEY CAPTURE

The Trusted Anti-Ransomware Experts

The Halcyon Difference

Dedicated to defeating ransomware

Security solutions claim they protect you from ransomware, yet ransomware attacks continue to succeed at an unprecedented pace. Why? Because most solutions are made for a wide range of threats. Halcyon is different. We are purpose-built to focus exclusively on detecting and disrupting ransomware before damage occurs.

Wherever Ransomware Goes, We're Waiting.

Halcyon protects across every stage of ransomware — from pre-execution to data exfiltration to encryption.

Learn More
Learn More

Ransomware SOC Included

Our team of experts battle ransomware for you, at no additional cost.

Learn More
Learn More

Business Continuity, Guaranteed

Reduce risk with our included ransomware recovery and services-based warranty.

See How
See How

Halcyon Closes the Ransomware Gap

Counter ever evolving ransomware risks while boosting the effectiveness of your EPP, EDR and XDR solutions. Halcyon frees your team to focus on what matters most by fortifying your security against risk. Ransomware protection that powers progress.

Prevent Ransomware Execution with Our AI-Driven Engine

Trained with a hyper focus on recognizing ransomware, our AI engine detects and prevents malicious files, apps, and processes, even if it's a brand-new or zero-day threat.
Request a Demo

Thwart Vulnerable Driver Exploitation

Kernel Guard Protection blocks attackers from exploiting trusted but vulnerable drivers, stopping BYOVD attacks in their tracks and keeping your system secure from outside threats
Download Datasheet

Protect Against EDR Tampering and Sabotage

Quickly identify any tampering or sabotage of key security services like Microsoft® Defender, CrowdStrike®, SentinelOne®, and Palo Alto Networks® Cortex®, so attackers can’t slip in undetected.
Get a Demo

Deter Living off the Land Attacks

Detect and stop ransomware attacks launched through PowerShell®, WMIC, and other tools neutralizing their efforts, and automatically protect your volume shadow services (VSS) from being corrupted.
Book a Demo

Uncover Data Exfiltration Efforts

Spot and identify data theft attempts by monitoring suspicious IPS, DNS activity, and data volumes protecting you from ransomware’s now common ‘double-extortion’ tactics.
Learn More

Detect and Disrupt Encryption Attempts

Automatically capture encryption keys and data attackers use during a ransomware attack so you can rapidly recover your files and skip paying the ransom.
Learn More

Ready to take ransomware off your worry list?

Stop attacks, respond faster, leverage industry leading threat intel with Halcyon RDR and shut down extortion before it starts. Talk to a Halcyon expert today.

Get a 20-minute LIVE ransomware prevention demonstration.
Learn how Halcyon eliminates the business downtime risks from an attack.
See how Halcyon stops data extortion attacks and data exfiltration.
Discover why ransomware protection goes beyond traditional endpoint controls.