Am I too pessimistic about this? Today it can detect ransomware, the next day could be malware, and the day after can be any file.
It’s just a data filter that’s build in to a hardware and possibly no way to trun off. Last thing I want is a black box watching what I stored on my drive.
False positives everywhere
Just to play devil’s advocate here: if that system can scan better than current systems, it’s already a win. If that system can scan more efficiently than current systems, even with false positives, that could be a win, if used as a screening layer.
There could be use cases for this, or it’s just buzzwords and marketing.
This doesn’t sound any different than what most host based AV already do. The novel idea is implementing it in on the storage array directly in a way that doesn’t hose performance. That means instead of needing 100% coverage of all clients to detect/ prevent ransomware encrypting your network storage, the storage array can detect it and presumably reject the compromised client.
No change then. Every time I’ve uploaded new encrypted (most) data to one drive, it’s emailed me about potential ransomware.