Anomaly Detection
Radar

Security Attacks Happen
Ransomware is becoming more common—and more sophisticated. It’s not easy to play perfect perimeter defense against every new strain. In the face of this challenge, organizations are looking to adopt a holistic, multi-level ransomware response strategy that integrates prevention and rapid recovery.
The most effective strategy for defending against ransomware is defense in depth. A defense in-depth approach incorporates prevention measures to keep threats out and accelerated recovery to minimize business impact in the event of an attack.
Radar: Recover Faster. Stay Smarter.
Polaris Radar helps you increase your resiliency against ransomware by making it faster and easier to recover from an attack. Radar helps you recover faster by providing a simple, intuitive user interface that tracks how your data changed over time. It replaces manual recoveries with just a few clicks for minimal business disruption. It also increases intelligence by using machine learning to actively monitor and generate alerts for suspicious activity.
► Recover Faster: Minimize downtime. Restore to most recent clean state with just a few clicks.
► Increase Itelligence: See how your data has changed to quickly identify what was impacted where. Leverage machine learning to detect and alert on anomalous behavior.
A Multi-Level Defense: How Radar Works
Detect Anomalies Via Machine Learning
Radar applies machine learning algorithms against application metadata to establish a normal baseline behavior for each machine. It proactively monitors the system by looking at behavioral patterns and flagging any activity that varies significantly from the baseline. Radar analyzes several file properties, including file change rates, abnormal system sizes, and entropy changes. Once an anomaly is detected, Radar alerts you to the unusual behavior via the UI and by email. By using machine learning, Radar can continuously refine its anomaly detection model over time and stay ahead of the most advanced threats.
w
Analyze Threat Impact With Data Intelligence
Radar continuously scans the entire environment to provide insights on how your data has changed over time. In the event of an attack, you can now quickly identify which applications and files were impacted and where they are located through simple, intuitive visualizations. Using the UI, browse through the entire folder hierarchy and drill-down to investigate what was added, deleted, or modified at the file-level. With Radar, you minimize the time spent discovering what happened and the data loss with granular visibility into the latest unaffected files.

Accelerate Recovery To Minimize Business Disruption
Radar’s simple user experience is powered by Polaris’ global management interface. After completing the analysis, you can simply select all impacted applications and files, specify the desired location, and restore to the most recent clean versions with just a few clicks. Rubrik automates the rest of the restore process, and users can track the progress through the UI. Since Rubrik captures all data in an immutable format, all data is safe to restore. Ransomware cannot access and encrypt the backup data.
