Reference
This page provides reference information about Superna 5.x features and capabilities.
Detection Types
Threat Detection
Superna 5.x identifies and responds to these threat categories. For details on how threat detection works, see the Threat Detection documentation.
| Threat Category | Type | Category | Description |
|---|---|---|---|
| Data Creation and Deletion | Ransomware | Data Encryption and Manipulation | Creation of new encrypted data while removing original data |
| Data Encryption | Ransomware | Data Encryption and Manipulation | Creation of new encrypted data with specific extension while removing original data |
| Data Renaming | Ransomware | Data Encryption and Manipulation | Reading data followed by bulk file renaming |
| Security Guard Simulated Attack | System | System Functions | Automated self-test that simulates an attack to verify system functionality |
| Suspicious Extension | Ransomware | Suspicious Activities | File operations with extensions associated with ransomware (.blacksuit, .locky, .zzz) |
| Mass Delete | Data Loss | Destructive Actions | Multiple files or objects deleted from a single location |
| Data Loss Prevention | Data Theft | Suspicious Activities | Access exceeding the threshold set for Data Loss Prevention triggers |
| Honeypot Activity | Suspicious | Suspicious Activities | Interaction with honeypot files serving as tripwires across the file system |
| Data Overwrite | Ransomware | Data Encryption and Manipulation | Reading data followed by bulk overwriting of the same files |
| Multi-Extension File Modification | Ransomware | Data Encryption and Manipulation | Reading data followed by renaming files to multiple different extensions |
| Data Encryption | Ransomware | Data Encryption and Manipulation | Activity matching known encryption patterns resulting in new encrypted data |
| Data Overwrite | Ransomware | Data Encryption and Manipulation | Reading data followed by overwriting the same objects |
| Encryption Key Change | Ransomware | Data Encryption and Manipulation | Copying data with a new encryption key |
| Data Encryption | Ransomware | Data Encryption and Manipulation | Copying or uploading encrypted objects, then deleting previous versions |
| Data Deletion | Data Loss | Destructive Actions | Bulk deletion of objects or buckets |