The Halcyon
Anti-Ransomware Platform

Eliminate ransom payments, ensure operational continuity, and protect businesses from data extortion.
Get a Demo
Get a Demo
A screenshot of a computer screen with a red button that says "Offending Hash" on it.

What’s Included

The Halcyon platform combines our anti-ransomware technology, 24/7 managed service, and ransomware warranty to eliminate the risk of ransomware to your business.
Anti-Ransomware Technology

Halcyon protects across every stage of ransomware — from pre-execution to data exfiltration to encryption.

Ransomware Detection & Recovery (RDR)

Our 24/7 RDR team of experts handles the fight against ransomware for you, serving at no additional cost.

Ransomware
Warranty

Reduce risk with our comprehensive ransomware warranty.

Anti-Ransomware Technology
Anti-Ransomware Technology

End-to-End Ransomware Protection

Halcyon provides full-cycle protection against ransomware, identifying and proactively disrupting attackers at every stage of the ransomware attack chain. With behavioral engines trained on indicators of ransomware, we detect suspicious activity early in the attack chain. If an attacker gains a foothold, we prevent execution and detect data exfiltration attempts. And if your worst day happens, we can even decrypt and recover your data without relying on backups.
Learn More
Halcyon Ransomware Detection &
Recovery (RDR) Service

24x7 Ransomware SOC Included

A team of ransomware experts monitors your environment 24/7/365 as part of our included Ransomware Detection and Recovery (RDR) service. They do all the heavy lifting for you – investigating alerts, responding to threats, and leading the recovery effort if you are impacted by ransomware.
Learn More
The Halcyon Ransomware Warranty

Business Continuity, Guaranteed

Ransomware not only demands payment — it also disrupts operations. That’s why Halcyon offers a comprehensive Ransomware Warranty. If an attack bypasses Halcyon’s defenses, we provide expert-led incident response and recovery services at no extra charge, helping your business get back on track quickly.
Learn More

How Halcyon Works Across the Attack Chain

INITIAL ACCESS
REMOTE ACCESS
PRIVIlege escalation
ENVIRONMENT Enumeration
credential Harvesting
Lateral Movement
Security Bypass
DATA EXFILTRATION
Backup DESTRUCTION
DATA ENCRYPTION
INITIAL ACCESS
Halcyon detects when attackers use malicious executables, brute force attempts, or command and control (C2) infrastructure to access your environment.
PREVENTION
DXP
After gaining initial access, attackers typically use remote access tools to carry out their attacks more effectively. Halcyon detects this activity, creating alerts for immediate investigations.
PREVENTION
DXP
Halcyon alerts and interrupts an attacker's attempt to escalate user privileges using malicious executables or vulnerable kernel drivers. 
PREVENTION
KERNEL GUARD
Halcyon identifies when an attacker attempts to enumerate your environment for recon and intel gathering, to make their attack ultimately more effective. 
PREVENTION
Halcyon understands attackers' methods to harvest valid user credentials, detecting and preventing their actions automatically. 
PREVENTION
Halcyon detects and prevents when attackers attempt to move laterally across your environment. For example, when using an RMM tool to try and connect to machines in environment, Halcyon can halt their progression. 
PREVENTION
Halcyon employs unique features like EDR Last Gasp and Tamper Guard to protect against attackers' attempts to bypass and disable security products in real-time. 
LAST GASP
TAMPER GUARD
Halcyon Data Exfiltration Protection (DXP) acts as an early warning system alerting you of an attacker's attempt to steal your data, yet to be caught by other security tools.
DXP
Halcyon can detect and disrupt an attacker attempting to gain initial access into your environment using malicious executables, brute force attacks, or command and control (C2) infrastructure.
BEHAVIORAL
DXP
Halcyon's ability to decrypt data using captured key material allows for an alternative recovery path if data is encrypted during a ransomware event. 
BEHAVIORAL
KEY CAPTURE

How it Works Across the Attack Chain

INITIAL
ACCESS
REMOTE
ACCESS
PRIVIlege
escalation
ENVIRONMENT
enumeration
credential
Harvesting
Lateral
Movement
Security
Bypass
DATA
EXFILTRATION
Backup
DESTRUCTION
DATA
ENCRYPTION
INITIAL ACCESS
Halcyon detects when attackers use malicious executables, brute force attempts, or command and control (C2) infrastructure to access your environment.
PREVENTION
DXP
After gaining initial access, attackers typically use remote access tools to carry out their attacks more effectively. Halcyon detects this activity, creating alerts for immediate investigations.
PREVENTION
DXP
Halcyon alerts and interrupts an attacker's attempt to escalate user privileges using malicious executables or vulnerable kernel drivers. 
PREVENTION
KERNEL GUARD
Halcyon identifies when an attacker attempts to enumerate your environment for recon and intel gathering, to make their attack ultimately more effective. 
PREVENTION
Halcyon understands attackers' methods to harvest valid user credentials, detecting and preventing their actions automatically. 
PREVENTION
Halcyon detects and prevents when attackers attempt to move laterally across your environment. For example, when using an RMM tool to try and connect to machines in environment, Halcyon can halt their progression. 
PREVENTION
Halcyon employs unique features like EDR Last Gasp and Tamper Guard to protect against attackers' attempts to bypass and disable security products in real-time. 
LAST GASP
TAMPER GUARD
Halcyon Data Exfiltration Protection (DXP) acts as an early warning system alerting you of an attacker's attempt to steal your data, yet to be caught by other security tools.
DXP
Halcyon can detect and disrupt an attacker attempting to gain initial access into your environment using malicious executables, brute force attacks, or command and control (C2) infrastructure.
BEHAVIORAL
DXP
Halcyon's ability to decrypt data using captured key material allows for an alternative recovery path if data is encrypted during a ransomware event. 
BEHAVIORAL
KEY CAPTURE

Schedule a Halcyon 
Demo Today

Want to stop ransomware, recover from attacks without backups, and prevent data extortion? Connect 
with a Halcyon ransomware expert!

Get a 20-minute LIVE ransomware prevention demonstration.
Learn how Halcyon eliminates the business downtime risks from an attack.
See how Halcyon stops data extortion attacks and data exfiltration.
Discover why ransomware protection goes beyond traditional endpoint controls.