top of page

Ransomwiz from Nyotron Lets Cyber Pros Build Safe Ransomware Attacks

Nyotron, provider of the industry's first automatic Endpoint Detection and Response (EDR) with integrated prevention, today announced the release of Ransomwiz, a free online tool that empowers security teams with the ability to challenge their security products against ransomware. Ransomwiz allows security professionals to take the attacker's front seat, and generate actual ransomware samples using a variety of real-world attack techniques.

Hackers have been unleashing ransomware attacks for years, and the problem is only growing. According to Verizon's 2020 Data Breach Investigations Report, ransomware is the third most common malware breach, accounting for approximately 20% of such attacks. The problem is exacerbated by the easy availability of ransomware from marketplaces and forums, and the growing remote workforce that has drastically increased the attack surface.

The launch of Ransomwiz follows Nyotron's announcement late last year of RIPlace, a unique evasion technique that enables cyberattackers to maliciously encrypt files under the radar of existing anti-ransomware, EPP and EDR products. Ransomwiz is a robust platform designed for the use of IT and security professionals who are looking to evaluate and improve their security posture, as well as for educational purposes. The platform shines a light on the attacks and distribution methods hackers use.

Ransomwiz is easy to understand and can be used by even the most junior security personnel. Users only need to select a directory to encrypt and choose which ransomware sample to run. Advanced customization features include overwrite options and the ability to select the rename and RIPlace method of distribution.

"The battle against ransomware can only be faced head-on by giving enterprises the awareness and tools to first understand and then properly defend against these types of attacks," said Nir Gaist, Founder and CTO of Nyotron. "Before we announced RIPlace last year, we informed many vendors of the potential disaster that could occur. Unfortunately, almost a year after, most security products are still exposed to RIPlace, as well as to endless other techniques - which is why we felt the need to launch Ransomwiz and give security teams a way to do their own diligence and simulate attacks."

Ransomwiz is now available to the public and can be accessible at

About Nyotron:

Nyotron pioneers a new generation of automatic Endpoint Detection and Response with integrated protection called Endpoint Prevention and Response (EPR). Nyotron's PARANOID prevents damage caused by malware that evades existing security layers and offers granular visibility into the attack. Based on the OS-Centric Positive Security, PARANOID automatically whitelists trusted operating system behavior and rejects everything else. Its real-time protection doesn't rely on a SOC team or alert handling overhead. No manual threat hunting, baselining, machine learning or cloud connectivity required. With PARANOID, organizations gain true defense-in-depth protection against the most advanced attacks and can continue their digital transformation journey safely. Nyotron is headquartered in Santa Clara, CA with an R&D office in Israel.


bottom of page