|
A New Approach to Runtime Cybersecurity
Stegosystems is a technology driven company offering a fundamental advance in runtime cybersecurity to protect the integrity of mission critical applications, servers and endpoints in potentially compromised environments.
| |
Stegosystems is introducing a new patented method for enforcing runtime cybersecurity, i.e., continuously preventing the execution of foreign software including malicious code. This method distributes an un-forgeable, perfectly secure watermark across all or portions of binary code without the need for source code or changing or adding to the executable code in any way thereby having minimal impact on end user licensing or the software lifecycle.
Credentials needed to recognize the watermark are independent of the size of the code and may contain an arbitrary amount of arbitrary information which can be used to address intellectual property issues. The watermark is continuously recognized by a separate process throughout the execution cycle. These two activities may be placed together on mobile endpoints or separated as in server/endpoint enterprise information architecture. The following pages describe its capabilities and its availability
Inside the Defensive Perimeter
The “defensive perimeter” created by conventional cybersecurity approaches such as anti-virus, white-listing, intrusion prevention, and so forth surrounds the execution unit and its memory. Malicious software penetrating that perimeter exposes executing software to in-memory attacks during execution. This dynamic tampering includes “hooking” exposed executables to alter their execution path, exploiting un-patched vulnerabilities, buffer overflows, reflective and return address programming and execution from the heap. Even executables successfully passing perimeter scans, assumed safe and approved for execution, may contain backdoors that permit code insertions.
Signatures Are Removed for Execution
While encryption, code signatures, checksums and hash codes are common in the protection of executables and help create the defensive perimeter, they are not in themselves executable. They are removed prior to execution and can't protect the executable in-memory during actual execution.
Perfectly Secure Runtime Cybersecurity
After several years of research and development, STEGOSYSTEMS has developed a Stegosystem for detecting and preventing these in-memory attacks by creating an invisible permanent “watermark” in the executable code with no added code or specialized transformations. During execution we continuously “recognize” this watermark to verify the integrity of executing code.
Learn More
To learn more about our patented technology and our capabilities please contact us techwhitepaper@stegosystems.com
|
|
