Analysis of ransomware as a service using endpoint detection, response technology and mitigation techniques.

Authors :
Purnomo, Yunianto
Eliando, Eliando
Source :
AIP Conference Proceedings. 2024, Vol. 2867 Issue 1, p1-6. 6p.
Publication Year :
2024

Abstract

Cybersecurity is one of the most important things during a pandemic like today, considering that currently many people work from home, so that when doing work they are not monitored by company security devices. One thing that needs to be watched out for is ransomware attacks that steal data and perform encryption of the data contained in our endpoint. The Endpoint Detection and Response (EDR) solution is the right solution in overcoming this problem, but EDR technology is just a technology that can be careless in dealing with ransomware attacks that have started to lead to ransomware as a service (RaaS), where we all know the concept of ransomware as a service is the ability of ransomware to mutate and adapt to the existing endpoint environment, so that the ransomware can run on top of other ransomware that acts like services on our endpoints. Human capability to mitigate is also quite important apart from the EDR technology that is owned; knowledge of this can prevent all forms of this RaaS attack. For that, this research will show how EDR works using Deep Learning and how to do the right mitigation against RaaS attacks, by looking at how RaaS works, to digital forensic actions starting from recording the timeline into a dataset, which will create a story line, to preventive measures such as performing backups of every data owned by our endpoints, which aims to prevent RaaS attacks that cause considerable losses at this time. From this research we become aware of the dangers of race and can make appropriate mitigation steps to overcome it with EDR. [ABSTRACT FROM AUTHOR]

Details

Language :
English
ISSN :
0094243X
Volume :
2867
Issue :
1
Database :
Academic Search Index
Journal :
AIP Conference Proceedings
Publication Type :
Conference
Accession number :
180582763
Full Text :
https://doi.org/10.1063/5.0237294