Home / Companies / Crowdstrike / Blog / Post Details
Content Deep Dive

Playing Hide-and-Seek with Ransomware, Part 1

Blog post from Crowdstrike

Post Details
Company
Date Published
Author
Microsoft Visual Studio
Word Count
3,712
Company Posts That Month
Language
English
Hacker News Points
-
Post removed?
No
Summary

CrowdStrike's blog post explores the implications of using Intel's Software Guard Extensions (SGX) for ransomware key management within trusted execution environments (TEEs), known as enclaves. Enclaves enable secure cryptographic operations by isolating code and data from the operating system, thus preventing key exposure and facilitating secure storage across reboots. Despite the potential for ransomware authors to use enclaves to safeguard cryptographic keys from forensic retrieval, the post highlights the significant complexities and limitations of this tactic, which contribute to its low prevalence in the wild. CrowdStrike's Falcon platform provides robust defense against such threats by offering comprehensive visibility into enclave usage and leveraging event telemetry to detect and neutralize malicious activities.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
AI Agents 1 2,394 1,321 1 -
Secrets Management 1 437 72 18 +103%
Zero Trust 1 1,843 1,331 3 +61333%
Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.