We have had a limited episode of Ransomware and we would like to know if there are any sensors that can be used to detect anomalous behavior: we thought about using the Business Process Sensor to define certain conditions such as if there is an increase in Internet traffic, consumption of shared disk and others similar (a pattern that resembles an attack of this type), the BPS goes into warning and sends us a notification. But this sensor considers the sensors of its channels in Warning as normal ... therefore it is not suitable for us.
Is there any other way to monitor this ransomware situation with PRTG?
Thanks!
Add comment