A DETERMINISTIC APPROACH TO CYBERSECURITY
With an approach that redefines cybersecurity, Virsec’s Deterministic Protection Platform offers protection against zero-days and evolving attacks to workloads deployed in production
Cybersecurity today needs to overcome sophisticated attacks before they can penetrate infrastructure and software. This is easier said than done, because these attacks are unpredictable and evolving fast. Hence there is a need for an entirely redefined approach that ensures better protection against zero-days, evolving attacks, and known and unknown threats to workloads deployed in production.
With its Deterministic Protection Platform (DPP), Virsec delivers a solution that meets these requirements to secure critical infrastructure at all times.
Dave Furneaux, CEO, Virsec says, “At Virsec, we recognize that the only way to overcome the most sophisticated types of cyber threats is true protection. Cybersecurity is an industry of innovation. Technology needs to constantly evolve and at a fast pace at that, because attackers tend to exploit software at their very core in innovative and unpredictable ways. There is no singular or fixed pattern that can be tracked and cracked; hence it is crucial that threats are stopped before they can start to infiltrate the system. The Deterministic Protection Platform (DPP) by Virsec is the only solution that ensures precise protection against zero-days and evolving attacks to workloads deployed in production. Runtime protection is key, as DPP reduces threat actor dwell time from minutes to milliseconds across the full software stack. Our focus allows us to understand and thwart attacks from their source, that is, prevention within the application itself, rather than attempting to trace the attacker.”
Traditional security can no longer handle today’s cyberattacks, which have become increasingly complex, with actors exploiting systems at the core to obtain control of server workloads. With conventional security solutions, attackers can bypass detection and gain access.
Dave adds, “Conventional security solutions are probabilistic in their approach as they rely on heuristics or AI to “guess” if an attack has occurred, typically by analyzing logs after an incident has occurred. As a result, breaches keep happening, with attacker dwell times averaging almost seven days. Additionally, these tools generate hundreds of false positive alerts – overwhelming precious security resources with having to investigate and respond to each one. Certain market segments such as defence, banking, government, national and critical infrastructure, amongst others, cannot afford the risks of being exploited. Critical infrastructure systems require full protection to prevent data theft, service disruption, and financial losses. Virsec has a unique approach to mitigating these risks, rooted in determinism.”
Rather than focusing on the attacker and past behaviour, Virsec focuses on the application in runtime. An application is built using code, and once a specific code is written and used to build an application, it will always produce the same results and the same outcome when executed. This repetition is the biggest indicator of proper functioning – if there are any anomalies, and when the code starts acting in ways that are not part of the original infrastructure, it is a warning sign.
Dave elaborates, “With Virsec’s technology, namely our Deterministic Protection Platform, these deviations are detected early and stopped before major damage or downtime is caused. With DPP, Virsec is making security response obsolete by offering the protection those probabilistic solutions do not. DPP ensures automatic protection against all known and unknown threats to vulnerable workloads, but it also reduces adversary dwell time from minutes to milliseconds, specifically protecting against ransomware, remote code execution, supply chain poisoning, and memory-based attacks. Virsec have made significant investment and developed numerous patents rooted in our first-principles approach to protection, which separate us from traditional security tools.”
Traditional approaches to protection rely on monitoring systems from a distance and only reacting once the attack has taken place – at this point, often the damage has been done and it is difficult to recover what may have been lost. DPP does not rely on prior knowledge and focuses on what the applications are meant to do. Any deviant behavior needs to be dealt with in milliseconds before the infiltration succeeds.
Dave says, “Prior knowledge of applications is not what prevents attacks, rather it is a thorough understanding of what the application is supposed to do versus what it should not. It is critically important to fully understand applications from the inside out. A deterministic approach automatically safeguards an application from within because it can detect a threat within milliseconds – as soon as the code stops doing what it has always been doing. The first two or three seconds in are very crucial for the attack to proceed. You must be able to stop it at that time, and we are able to do that with DPP, by knowing and understanding the application’s code thoroughly. It is different because it does not just rely on the knowledge, but on the consistency of the application and any fluctuations are an immediate warning sign of an adversary in your network. This means zero dwell time for a cyber threat, and it is eradicated before it can compromise your business, and the attacker is left unaware.”
DPP is designed to prevent cybercriminals' efforts to set up attacks, execute scripts/code, and gain free rein over server environments by exploiting hosted applications. Threats that bypass existing security controls can be countered with trusted precision at any stage in the attack sequence, so attackers do not benefit from delayed security efforts.
When it comes to ransomware, one of the key points to keep in mind is that it does not happen overnight. The attackers wait for weeks, maybe even months, in your network before they act. A key focus of DPP is that, with its approach of ensuring zero dwell time for a cyber threat, it is able to offer early remediation against ransomware attacks that are now seen to be on the rise.
Dave says, “With DPP, there is constant visibility into a software’s workload as it is being executed. This is not just into application components, but spans vulnerable workloads, files, processes and memory space that are typically targeted by attackers. Having such thorough visibility into systems during runtime allows organizations to pay attention to any inconsistencies and boost their security for sensitive or critical information. Unlike typical solutions that enable threats to progress as various incidents are evaluated or precedence is established, DPP ensures early attack eradication for zero attacker dwell-time without affecting system operations. DPP provides a deeper layer of protection while enabling a direct line of sight into all software code and workload – true runtime observability, without impacting performance.”
Virsec’s Deterministic Protection Platform simplifies cybersecurity for organizations without much tech expertise. It is automated and does not require a team of cybersecurity personnel to be deployed to manage it.
“Virsec automates runtime protection on any server workload and in any workload environment. Organizations want security that is convenient, and DPP offers this by instantly mapping the application workload within milliseconds once it is launched, deterministically allowing only known “good behavior” as defined by the parameters of the software.”
Security teams deploying DPP have experienced significant OPEX savings of up to 70% and increased time to focus on business innovation versus the hassle of monitoring suspicious events, hunting out threats, investigating results, and reacting to thousands of false alerts daily. DPP consolidates several security tools (WAF, AV, allow-listing) and unifies protection for workloads deployed in containers, clouds, and VMs (virtual machines), shrinking the security footprint within a single installation while delivering accuracy in protection and no false positives. The intuitive UI maximizes usability and accelerates deployment and protection at scale.
DPP also ensures precise protection against zero-day and evolving attacks to workloads deployed in production with its own Zero trust approach.
“Unlike other Zero-Trust solutions who focus solely on identity and access management (IAM), DPP assumes threat actors have arrived on the host server to execute malicious activity using validated requests, data, and components at runtime. DPP applies a ‘never trust, always validate’ approach to application runtime, delivering the tightest control on software components and solid protection against evasive attacks that weaponize the same. It uniquely maps the entire software stack as applications load to discern how systems should execute, and protections on deviations automatically initiate in milliseconds. DPP enables organizations to continuously validate files, processes, process flow, and memory usages automatically throughout the runtime cycle for zero trust execution that erases risk and simplifies security,” adds Dave.
Enabling cloud adoption
DPP also makes it convenient for organizations to embrace a cloud-first strategy without concerns of heightened risks or security complexities. It integrates seamlessly with DevOps, DevSecOps, and CI/CD pipelines for secure code development, drift prevention, and assurance that applications are deployed to the cloud protected. DPP’s deterministic approach to threat detection instantly reduces the attack surface and protects against the most evasive attacks that have the potential to compromise VMs or Kubernetes and Docker containers.
“Whether DPP is deployed in cloud environments like Amazon Web Services, Google Cloud Platform, and Microsoft Azure, customers can experience the same depth of visibility and full-stack protection afforded on-premises without additional skill requirements or shifting expertise to an MDR/MSSP. Furthermore, DPP allows organizations to unify their security capabilities central to cloud runtime protection within one platform instead of relying on solutions that add more complexity to protecting cloud deployments regardless of infrastructure demands,” says Dave.
The partner focus
The cybersecurity vendor has a strong partner focus as part of its go-to-market strategy.
Virsec has built a strong partner system with outcome-based incentives for its partners’ teams. It also has a very strong focus on partner-team enablement through trainings and certifications for customer satisfaction, and some of its strategic partners enjoy the benefits and opportunities that arise out of joint marketing activities as well as funded heads.
Dave says, “From the very start of our journey, Virsec has been partnering with organizations who share our mission to make cyberattacks irrelevant. We work closely with many partner-centric companies whose mission is to protect end-user software infrastructure, and it is safe to say we are a channel-focused company. Virsec engages with a diverse set of partners, including value-added distributors, resellers, referrers, system integrators, and managed service providers.”
Virsec works in tandem with channel and global alliance partners to ensure they deliver on their commitment to keep their customers safe.
Bobby Gupta, Senior Vice President and MD of International Business, Virsec says, “Virsec is on a mission to make cyberattacks irrelevant by fully protecting software while it's running. We envision a fully safe digital ecosystem, and our ambition has always been to achieve this through the support of our channel partners, both within the region as well as globally. Virsec maintains global alliances with international organizations such as Raytheon, KPMG, and IBM, but we also work with several local partners in the Middle East, Asia Pacific, and Europe. We have always had a deep commitment to reaching our end users through our partners. We strongly believe in the experience and breadth of our partners in the region that supports us in achieving our mission.”
The Outlook Ahead
Virsec has expanded its global presence in recent years and is looking to make more inroads into the Middle East region in the near future.
“Virsec is proud of our robust global footprint, which has us engaged in over 20 countries including many in the Middle East. We anticipate continued growth in and across the region this year and in the future – catalysed by our connections, team and partners in the region. We expand our strategic focus by growing our team on the ground, onboarding partners, and ultimately boosting our channel presence across the Middle East,” says Dave.
We have recently announced a big partnership with Yotta Infrastructure in India. Virsec’s Series C funding round of $100 million last summer propelled its growth by allowing it to hire new key executives and expand its global footprint.
“Last year we further expanded our efforts in the ANZ region, Africa, India, North America as well as the Middle East and Africa. We are now beginning to reach Japan and APAC, and Europe, too. Additionally, our strategic relationships and commitment across the four Quadrilateral Security Dialogue (Quad) nations (US, Japan, India and Australia) has enhanced our ability to protect within critical infrastructure and the defence sectors globally. This has contributed to garnering momentum and solidifying the outlook we have for the future of Virsec,” adds Dave.
From a global perspective, the Middle East market is a key focus for Virsec.
Bobby says, “Middle East is a key region for Virsec. We have seen how cyber-attack patterns have grown across the region, and as one of the only providers of runtime application security, Virsec works very closely with various verticals in the Middle East such as government, telecoms and in financial services, namely within the UAE, Saudi Arabia, Qatar, Kuwait, Jordan, and Egypt. In fact, many of our early customers are located in the region. We have a significant presence in the UAE, with a local team and a strong network of channel partners across the region.”
With an approach that redefines how cybersecurity is being looked at, GISEC serves as an ideal platform for the vendor to showcase what it has to offer. Virsec is an exhibitor at this year’s GISEC and will be highlighting the capabilities, performance and operational savings of DPP and also use the platform to spread awareness of true runtime protection and why it is so vital for organizations today.