TripWire is unlike any other ransomware prevention tool.  TripWire doesn’t try to prevent the exploit from running, as the success of doing it that way varies based on the exploit.  Additionally, any new (zero-day) version of the exploit could slip past these defenses.  TripWire watches for execution of the exploit, and reacts immediately after the encryption process begins.  This seizes the exploit in its tracks – reducing, and (many times) eliminating damage caused by the exploit.  Best of all, you are protected from nearly any new version of an exploit – because TripWire doesn’t work like the rest.

​

Typically this costs anywhere between $1,000 and $100,000 or more to “unlock” your files, and even then there is no guarantee you’ll get your files back.  In 2015, users reported losing over $325 million to Ransomware style exploits.  That number will likely be higher every year.  Many times, anti-virus software doesn’t even notice these exploits, let alone protect you from them.  It’s not the fault of the anti-virus software though, because many of these exploits are encrypted themselves, so no anti-virus software, network edge protection, or other protection application is able to even see the code – assuming any of them have the proper definitions to accurately identify the exploit.