Key Capture
Capturing encryption keys for automatic recovery
Key Capture is a patented technology that captures encryption keys from ransomware process memory before they are deleted. The system uses memory forensics and API hooking techniques to extract AES symmetric keys and RSA asymmetric keys. Even if ransomware manages to encrypt some files, the automatic decryptor uses the captured keys to immediately recover data without paying a ransom.
Enterprise-grade protection compliant with regulatory requirements and security standards
Fast deployment with minimal resource overhead
Dedicated support from a certified partner
Easy integration with your existing infrastructure
Key features
- Capturing AES-256 and RSA-2048/4096 keys from process memory
- Support for more than 50 major ransomware families (LockBit, BlackCat, Conti)
- Automatic decryptor with restoration of original names and metadata
- Integration with Veeam, Commvault, and Rubrik backup solutions
- Secure key storage with HSM encryption for captured keys
Business benefits
- Recovery of 100% of encrypted data without paying a ransom
- Elimination of the average ransom cost of $1.5M per incident
- Return to operations within hours instead of weeks of negotiation
- Complete elimination of the ethical dilemma associated with paying criminals
- 40% reduction in cyber insurance costs thanks to proven protection
Why Halcyon?
The world's first platform dedicated exclusively to ransomware protection. Halcyon uses advanced behavioral detection techniques to block encryption in real time, and in the event of an attack, enables automatic recovery of encrypted files without paying a ransom.
Need Key Capture in your organization?
As a certified Halcyon partner, we'll help you deploy and configure the solution.