We evaluated the CTERA Intelligent Data Platform for its ransomware detection and prevention capabilities delivered via the CTERA Ransom Protect feature across eight prevalent ransomware families, including advanced strains such as REvil and LockBit. Each attack was executed on the Govdocs1 dataset with the “Malicious Users” feature enabled and disabled to assess both alert generation and attack mitigation.
- 100% detection – All ransomware families were detected before completing encryption
- The median encryption rate across all detected ransomware samples was 2.28%, and the median time to block was 24.5 seconds
- With “Malicious Users” enabled, 100% of attacks resulted in less than 10% file encryption (median 2.28% of files affected), with a median time to block of 24.5 seconds, compared to full dataset encryption when the feature was disabled
These results validate that CTERA Ransom Protect is powerful against modern ransomware threats, combining rapid detection with effective prevention at the storage layer. By stopping attacks in real time, CTERA helps enterprises reduce downtime, protect critical file shares even when endpoints are compromised, and lower the operational burden of incident response.