Attacks on ESXi servers have been in the news lately, notably the alleged MGM Casino’s ransomware attack which cost the company about $100 million, as well as the alleged ransomware attack on Johnson Controls resulting in a $60 million impact. These types of attacks are devastating because many virtual machines (VMs) run on ESXi hypervisors at once, meaning if a hypervisor is successfully attacked, hackers bring down all its hosted VMs. Because of this, attacks on ESXi servers are rising, growing from two attacks in 2020 to more than 1,000 in 2022.
Now, you can protect your hypervisors. ZeroLock®, the autonomous zero-trust security platform from Vali Cyber™, has been expanded to protect ESXi hypervisors. The ZeroLock platform combines attack prevention with AI-behavioral detection, automated file rollback, and more to offer ESXi hypervisors multilayered protection from attacks like ransomware.
Join Gary Mello, Vali Cyber’s VP of Solutions Engineering, in examining the ESXi threat landscape and discussing why existing protections for ESXi are insufficient. Then, dive into a demo of multiple features and different kinds of attacks on ZeroLock for ESXi to demonstrate ZeroLock’s multilayered protection, including:
- Using lockdown rules to prevent shutdown of your VMs
- Leveraging ZeroLock’s program filter to block new executables
- Creating SSH MultiFactor Authentication to verify credentials
- Detecting and remediating fileless ransomware attacks with ZeroLock’s AI-behavioral detection
Additionally, we will touch on the logistics of integrating ZeroLock in your environment, including ZeroLock’s API-first architecture, low overhead, false positive rates of <1% for attacks like ransomware, and additional Linux environments that support ZeroLock. Currently, ZeroLock for ESXi is available for early access on hypervisors running ESXi version 6.7+, though earlier versions can be supported upon request.