[Feature Request] Ransomware Behavioral Detection

Hello everyone,

I would really like to see this feature added to the next product update e.g. 22.10 or 23.0 of Norton Security. If it is not possible to add this feature into the core product, perhaps this could be added as a small installable tool/add-on to compliment the existing product?

Kaspersky, Malwarebytes and Cybereason Ransomfree all can detect ransomware acting on a system and block it before it succeeds in encrypting the entire system. This is not an easy feature to add but will go a long way to stop the almost daily new samples of ransomware that are spreading in the wild. This feature should not need regular signature updates since it should be looking for an unknown/unsigned executable suddenly making a request to encrypt vast numbers of files, it's use of API calls (customized or otherwise) should still be detectable.

Links to products that offer this feature are mentioned below. While I have confidence in Norton Security, should all else fail if you can detect a piece of ransomware attempting to encrypt all of your personal files you can quickly terminate the process and delete the executable file.

Considerations for legitimate use of encryption e.g. TrueCrypt, VeraCrypt and Steganos Safe 18 etc. should be whitelisted.

https://go.kaspersky.com/Anti-ransomware-tool.html

https://blog.malwarebytes.com/malwarebytes-news/2016/01/introducing-the-malwarebytes-anti-ransomware-beta/

https://ransomfree.cybereason.com/

Thank you in advance for considering this suggestion.