Pentera delivers proactive ransomware testing for Cl0p’s known attacks in both Windows and Linux environments

Boston, Mass. September 3, 2025Pentera, the market leader in AI-Powered Security Validation, today announced the addition of the Cl0p ransomware tests to its platform. This update allows organizations to validate their ability to prevent, detect and respond to Cl0p’s real-world attack behavior across both Windows and Linux environments, safely and in production.

Cl0p is one of the most prolific ransomware families in operation, responsible for multiple high-impact data extortion campaigns. The group is known for exploiting zero-day vulnerabilities in enterprise systems to gain access and exfiltrate data. According to recent research, in Q1 2025 Cl0p was the most active ransomware group, accounting for 19% of global ransomware attacks, with 83% of its victims based in North America.

“CISOs are under pressure to prove the ransomware readiness of their organizations, but most still have no safe or practical way to do it,” said Ran Tamir, Chief Product Officer at Pentera. “With the addition of Cl0p to Pentera’s growing suite of ransomware campaign coverage, security teams can validate their resilience against one of the most dangerous ransomware groups. Security teams gain a clear and actionable view of their security posture against ransomware – What defenses and policies are working, and where can threat actors exploit gaps in their security.”

With the inclusion of Cl0p tests, Pentera’s RansomwareReady™ platform continues to expand its coverage of the most destructive ransomware campaigns observed in the wild. The platform safely replicates each campaign’s tactics, techniques, and procedures (TTPs), allowing organizations to validate their prevention, detection, and response capabilities against real ransomware attack vectors. With RansomwareReady™, security teams can proactively test the effectiveness of their endpoint protection platforms, SOC workflows, segmentation policies, and response plans.

With the addition Pentera’s platform ensures:

  • Safe-by-design execution of the full ransomware kill chain, including infiltration, privilege escalation, lateral movement, data exfiltration, and encryption behavior
  • Use of Cl0p’s indicators of compromise (IOCs) to trigger detection and alerting systems
  • Coverage for both Windows and Linux environments, reflecting Cl0p’s growing cross-platform capabilities
  • Step-by-step remediation guidance, helping security teams strengthen defenses where vulnerabilities are exposed