Compass, SpyCloud

Additional Info

Company size (employees)100 to 499
Headquarters RegionNorth America
Type of solutionCloud/SaaS


From the technology sector to critical infrastructure, ransomware is an escalating problem. Malware infections on personal unmanaged or undermanaged devices create an increased attack surface for cybercriminals to sidestep traditional ransomware protection solutions. Current ransomware prevention tactics are insufficient, and organizations need a solution to identify potential attacks and ensure a swift recovery from breaches and malware infections.

The 2022 SpyCloud Ransomware Defense Report, an analysis of IT security leaders’ perceived threat of ransomware attacks and the maturity of their cybersecurity defenses, found that 90% of organizations were affected by ransomware in 2022, and organizations are increasingly likely to be hit more than once, with 50% hit at least twice. Additionally, 87% of organizations showed concern about infostealer malware on unmonitored devices creating a risky entry point for ransomware.

SpyCloud released its Compass solution to help enterprises detect and respond to the initial precursors of ransomware attacks. Powered by malware intelligence from SpyCloud’s unmatched database of over 325+ billion recaptured data assets, enterprises now have definitive evidence that stolen data tied to an organization is in cybercriminals’ hands and can be used to target them for ransomware. Armed with the exact authentication data siphoned from malware-infected devices, security teams have the information they need to immediately remediate ransomware entry points.

Additionally, SpyCloud’s unique monitoring capabilities allow them to identify all infected devices, applications, and users, even if they fall outside of corporate oversight. SpyCloud’s multi-faceted ransomware prevention capabilities are the most efficient way to illuminate previously unseen compromised assets from corporate users.

Compass is also the only solution to enable a more complete malware infection response called Post-Infection Remediation (PIR). This approach includes several steps that allow security teams to reset infected application credentials and invalidate session cookies siphoned by infostealer malware, further mitigating the risks associated with ransomware.

How we are different

2022 Ransomware Defense Report: In 2022, SpyCloud published a comprehensive analysis of how organizations are responding to the growing threat of ransomware. The report found that 87% of organizations showed concern about infostealer malware on unmonitored devices creating entry points for ransomware. It also showed the increasing threat of repeated ransomware attacks, with 50% of organizations hit by ransomware at least twice.

Visibility into Unmanaged & Undermanaged Devices: If an employee logs into corporate networks using an infected device, criminals can gain access to credentials, personally identifiable information (PII), device and session cookies, and system information that allows them to infiltrate and exploit corporate resources. SpyCloud’s unique capabilities enable organizations to focus on high-priority threats based on definitive indicators of malware-infected devices and exposed applications, regardless of if the device is corporate or personal.

Malware and Ransomware Prevention: SpyCloud mitigates the long-term risk of malware by taking incident response beyond standard device remediation and remediating otherwise unseen compromised assets. This approach also serves to prevent ransomware, as organizations can close security gaps and lower their attack surface by remediating the entry points used by criminals.