Technical Tip: How to test FortiEDR's protection against ransomware encryption
| Description | This article describes a simple test to confirm FortiEDR's ability to defend against ransomware encryption. |
| Scope | FortiEDR. |
| Solution | The following PowerShell script simulates an encryption attack on a specified folder and its content: Encrypt-Delete-Test
It is highly advisable to run this in a lab environment:
Once enabled, the collector will detect the file rename attempt and block it:
The following security event will be generated:
|
