Skip To Main Content 2023 Ransomware Report | Download Now

Protects RDP Sessions – The Entry Point for 50% of All Ransomware Deployments — With MFA That Detects and Prevents Unauthorized Users and Halts Breach Progression, Strengthens Cybersecurity Insurance Eligibility

VEJLE, Denmark & WILMINGTON, Del., September 7, 2023BullWall, the global leader in ransomware protection for critical infrastructure, today introduced BullWall Server Intrusion Protection to protect servers from unauthorized access resulting from the use of compromised credentials during Remote Desktop Protocol (RDP) sessions. By placing BullWall’s multi-factor authentication (MFA) between the server and any unauthorized users, organizations are protected from bad actors who may have gained entry to the network, preventing the deployment of ransomware.

BullWall Server Intrusion Protection prevents RDP session hijacking and impedes breach progression to prevent the deployment of ransomware. When an illegitimate session is detected, BullWall blocks any compromised clients and servers, and immediately issues the necessary alerts.  It’s an important new weapon in the ongoing battle against the use of stolen or compromised credentials, one of the most impactful areas of cybersecurity vulnerability for most organizations. With the surge in remote and hybrid work environments, Remote Desktop Protocol (RDP) is the entry point in nearly 50% of all ransomware attacks.

BullWall Server Intrusion Protection works together with BullWall Ransomware Containment (formerly BullWall RansomCare) to prevent and contain ransomware, protecting the organization’s most important, targeted digital assets against cyberattacks – a singularly important safeguard that can substantially impact cybersecurity insurance eligibility and terms for many organizations.

Jan Lovmand, BullWall Co-Founder and CTO, said: “Remote Desktop Protocol is the single most exploited initial attack vector, and the entry point for fully half of all ransomware attacks. We’re really excited to introduce BullWall Server Intrusion Protection to shut down RDP session-level attacks, closing a door that’s otherwise too easily opened. Together with our Ransomware Containment solution, BullWall offers organizations the strongest defense against ransomware available on the market today.”

Morten Gammelgard, BullWall Co-Founder and EVP of EMEA, shared “One of the biggest stumbling blocks to obtaining cyber insurance is the requirement for MFA on servers in addition to endpoints, for every login attempt. BullWall Server Intrusion Protection provides a game-changing MFA solution for server access that doesn’t require a second device. We’re thrilled to offer a solution that increases security, reduces user friction and stops today’s most common attack vector.”

Most security-minded organizations now have MFA in place as single logon – which proves futile against a threat actor logging into a server via RDP and then moving from there to other servers. BullWall Server Intrusion Protection blocks every step of such attacks, and demonstrates the highest levels of compliance and reporting.

To learn more about BullWall Server Intrusion Detection, please visit here.

About BullWall

BullWall is a leading cybersecurity solution provider with a dedicated focus on protecting critical IT infrastructure from ransomware. We provide rapid containment of active attacks, and safeguard servers by preventing unauthorized intrusion.

With offices in the United States, the United Kingdom and Denmark, BullWall has over 600 customers across 19 countries, helping to put an end to ransomware on a global scale. For more information, visit

Media Contact:

Dan Chmielewski

Madison Alexander PR, Inc.