Server Backdoor Detection and System Changes Rollback


Sometimes attackers aim at something more than just stealing or destroying valuable data. Tampering with system configuration files and vital system components may damage enterprise productivity, disrupt established workflows, or even temporarily stop ongoing work.


Such damages can be prevented by rolling back system changes in due time; however, to do this properly, you need to know exactly what the intruder did and where the changes occurred. Ekran System allows you to locate the changes made in the system so that the rollback procedure is performed exactly to the moment before changes were made thus avoiding any data loss.


Ekran System’s advanced monitoring possibilities provide you with all necessary information to undo the harmful actions and prevent further incidents. The information crucial for immediate incident response includes:


  • The person who performed system changes
  • The files or Registry keys that were modified
  • The exact time system changes were applied