Ransomware operators have adapted to evade traditional endpoint detection by targeting network drives and shared storage resources, exploiting the limitations of local system-focused security measures. A new hybrid framework has been proposed to detect crypto-ransomware in enterprise shared storage, addressing the evolving threat landscape. This framework combines multiple approaches to identify and mitigate ransomware attacks, which have become increasingly sophisticated in bypassing conventional security controls. The framework's effectiveness lies in its ability to monitor shared storage resources for anomalous behavior, leveraging machine learning algorithms to detect patterns indicative of ransomware activity. By focusing on shared storage, this framework fills a critical gap in existing security measures, which often overlook the vulnerabilities of network-driven attacks1. This matters to security practitioners because it highlights the need for a more comprehensive approach to ransomware detection, one that extends beyond endpoint protection to encompass the entire enterprise infrastructure.