- ESET adds Ransomware Remediation to the ESET PROTECT Platform as part of its latest B2B update.
- Ransomware Remediation works with, and is enabled by, the ESET Ransomware Shield, which monitors for and blocks sophisticated attacks.
- Ransomware Remediation creates temporary encrypted backups of important data, all in a sequestered environment untouchable by untrustworthy apps and processes.
- ESET is also updating its ESET Cloud Office Security module with anti-spoofing and homoglyph protection, profoundly increasing email security.
- In addition, ESET AI Advisor has received stability and performance improvements and can now work with incidents created automatically by ESET Inspect and its users and those generated by the ESET MDR service.
BRATISLAVA, Slovakia — March 25, 2025 — ESET, a global leader in cybersecurity solutions, today released new updates for the ESET PROTECT Platform. The new business-oriented update, among other notable changes such as new functionalities for ESET Cloud Office Security and the ESET AI Advisor, includes the Ransomware Remediation feature, a new way to prevent ransomware encryption from causing long-term business disruption.
Ransomware attacks have become particularly sophisticated, as threat actors seek to undermine every aspect of security stability that a business has. The key element of these attacks is encryption, blocking access to business systems, causing costly process disruption, and ultimately forcing firms to pay to decrypt their systems. Threat actors go as far as targeting system backups, deleting or corrupting them, leaving nothing to chance. This makes recovery almost impossible, driving up remediation costs as well.
Prior to this update, multilayered ESET LiveSense technology acting via Ransomware Shield, Network Attack Protection and/or the Host-Based Intrusion Prevention System (HIPS) worked to proactively prevent ransomware and other sophisticated attacks from causing harm. Specifically, Ransomware Shield, which monitors and evaluates all executed applications based on their behavior and reputation, is designed to detect and block processes that resemble the behavior of ransomware.
Now, to take the initiative away from the threat actors and put it into the hands of businesses themselves, ESET is upgrading Ransomware Shield (RS) with Ransomware Remediation (RR), a proprietary backup solution created to protect against ransomware encryption.
ESET RR works in concert with RS, which prompts RR to create backups as soon as it flags suspicious activity. It will continue to do so until RS decides the process is OK, at which point the backup is discarded. Otherwise, RS decides the process is malicious, kills it, and rolls back files from the backup.
Unlike other solutions based on the Windows Volume Shadow Copy service, the backups created by RR cannot be abused by the attackers. RR has its own protected storage section on the drive, where files cannot be modified, corrupted, or deleted by the attacker. This actively solves one of the most common failings of regular backups during a ransomware attack.
The only real limitation of the remediation function is drive size and a single-file size limit of 30MB. Admins should, therefore, know which file types to add to RR’s filter to apply during its course of action.
“ESET has a storied history in working against ransomware, both in the context of our endpoint security platform, our service offerings such as ESET MDR, and our part in the No More Ransom initiative. With the Ransomware Remediation feature, we want to emphasise that it doesn’t take a village to protect against sophisticated attacks. All it takes is a simple solution and a few clicks — leave the rest to ESET,” said Michal Jankech, Vice President, Enterprise & SMB/MSP at ESET.
RR is a free addition included in the ESET PROTECT Advanced tier and above and is only available for Windows-based systems. Critically, for this feature to work, RS must be enabled; however, it is activated by default so that customers are protected from the get-go.
But the updates don’t stop there. ESET is also adding anti-spoofing and homoglyph protection to its ESET Cloud Office Security (ECOS) module, preventing attackers from pretending to be trusted sources while also identifying their efforts to disguise malicious domains or URLs through letter substitution from other alphabets. Moreover, ECOS now also has an email clawback feature, enabling swift recall and quarantine of any delivered emails deemed suspicious. This all happens within new dashboards, which include fully customisable tabs and components that fit a user’s specific needs, with visually enhanced and new elements.
In other update news, ESET AI Advisor has received stability and performance improvements and can now work with incidents created automatically by ESET Inspect and its users and those generated by the ESET MDR service. With a greater set of data to process, ESET AI Advisor will stand out even more in its delivery of SOC-level advisory, enabling enhanced security analyst workflows. ESET AI Advisor is now also available as an add-on to the ESET PROTECT Enterprise, ESET PROTECT Elite, and ESET PROTECT MDR subscription tiers.
For more information about the ESET LiveSense technologies used by the ESET PROTECT Platform, please visit here.
For more information about the ESET PROTECT Platform, please visit our dedicated webpage.
For more information about ESET Cloud Office Security and the ESET AI Advisor, please visit our webpage and our AI blog.
To discover how ESET has been handling ransomware, please read ESET MDR success stories and ESET Inspect’s preventive power.
About ESET
ESET® provides cutting-edge digital security to prevent attacks before they happen. By combining the power of AI and human expertise, ESET stays ahead of known and emerging cyberthreats — securing businesses, critical infrastructure, and individuals. Whether it’s endpoint, cloud or mobile protection, our AI-native, cloud-first solutions and services remain highly effective and easy to use. ESET technology includes robust detection and response, ultra-secure encryption, and multifactor authentication. With 24/7 real-time defense and strong local support, we keep users safe and businesses running without interruption. An ever-evolving digital landscape demands a progressive approach to security: ESET is committed to world-class research and powerful threat intelligence, backed by R&D centers and a strong global partner network. For more information, visit www.eset.com/uk or follow us on LinkedIn, Facebook, and X.
