Polyverse Corporation, 550 Kirkland Way, Suite 210, Kirkland, WA 98033

Transcription

1 P R O D U C T info@polyverse.io O V E R V I E W Polyverse Corporation, 550 Kirkland Way, Suite 210, Kirkland, WA 98033

2 2 PROACTIVE CYBERSECURITY Imagine a lotto game where the winning numbers were picked in advance and kept in an office drawer. What would happen? Every criminal around would be trying to break into that office and steal those numbers. Of course, no lottery picks its numbers in advance; they select them using a highly dynamic system such as balls bouncing around in a container. Hacking today s enterprise computer applications is a lot like playing lotto where the numbers are known in advance. No matter how sophisticated an organization s cyberdefenses, if its valuable systems are static and unchanging, hackers will ultimately figure out the winning numbers to breach them and take the jackpot. Most hackers know exactly which numbers to play. Zero-day exploits that are readily available on the dark web can breach most application and system technologies (e.g., Microsoft Windows and.net, Linux, Java, etc.) with impunity, because no antivirus software signatures are yet available to defeat them. Advanced persistent threats (APTs), in which malware and backdoors can lurk undetected for months inside enterprise systems, wreak havoc and steal data with little chance of being spotted. Insider threats, whether from rogue employees or compromised laptops, bypass perimeter cyberdefenses. And security analytics, undermined by significant error rates, do little to protect an organization before an attack. In an application secured by Polyverse, by contrast, hackers have improbable and impractical odds at winning the jackpot. Polyverse s technology assumes that any application component will inevitably be attacked and breached, and employs a concept known as Moving Target Defense (MTD) to continuously vary the target application s attack surface. Polyverse s MTD platform consists of a suite of advanced software tools from self-healing technologies to binary scrambling to dynamic sandboxed firewalls that create a near impenetrable barrier for cyberattackers. Far from knowing in advance how to break into a Polyversed application, hackers are confronted with a target that is constantly and randomly shifting a cybersecurity lotto in which the numbers are always in motion. As a software-only solution, Polyverse is compatible with all major s, operating systems and programming languages, and is remarkably swift and simple to deploy in onpremise servers or cloud datacenters. An initial installation of Polyverse can be done by changing just a few lines of code in an existing application, and enhanced capabilities can easily be added incrementally.

3 3 Disrupting Hackonomics Regardless of the high value or sensitivity of the information involved (e.g., medical and financial records), today s enterprise datacenter applications typically utilize a three- architecture consisting of a that stores the data, one or more (or business logic ) systems that access that data, and a series of endpoints such as websites, smartphones, in-house analytics or billing applications. Although there is a great deal of variety in these systems (e.g., various types of SQL and NoSQL s, and a plethora of - frameworks such as Java and Node.js), the high-level architecture is very similar (see Figure 1 below). Polyverse s Moving Target Defense-based solution can transform the common break once, exploit everywhere scenario into an it s too hard to even break once scenario. Polyverse s binary scrambling can create unique versions of applications, fundamentally breaking zero-day exploits so they simply don t run. For attacks that can break through even a fully scrambled system, Polyverse s selfhealing features will continuously restore an application to a known good state every few seconds. With Polyverse, cyberattacks have little chance of succeeding in the first place, and in any case are automatically removed every few seconds even if they are not detected. No matter how heavily defended by existing technologies, such systems are highly vulnerable to attack, because the asymmetry of hackonomics the economics of cybertheft greatly favors the attacker. The similarity of many of today s systems architectures makes them susceptible to break once, exploit everywhere attacks. For instance, hackers can obtain a copy of Java and, with persistence, find an exploitable security flaw. The virus created to exploit that flaw can then compromise any system running that version of Java, across vast numbers of computers worldwide. Consider an environment defended by conventional cybersecurity tools. Here, the discovery of an APT means that data has almost certainly been stolen and that the attacked system must now be completely and laboriously rebuilt. But what if Polyverse had continuously been restoring the system to a known good state every few seconds, 24/7? No APT or, for that matter, any exploit could be deployed under such circumstances, and no data stolen. This is the power of Polyverse s MTD: it creates ever-changing diversity in the protected environment. one two n Break once, loot everywhere Three- architecture Prized data in single vault Traditional Model Figure 1

4 4 As a subsequent step to confound attackers and defeat zero-day exploits, Polyverse can scramble a protected system s binaries, ideally continuously and at high speed (depending on customer requirements). This creates unique versions of the system s applications every few seconds, ensuring that binary-level zero-day exploits (and other malware) have no opportunity to function and in the remote event that a hacker does get lucky in those few seconds, her attack won t work after the next scramble. The result is that attackers have no baseline to analyze and create new viruses: Polyverse transforms their previously easy target into millions of random permutations at the compiler level a transformation that can be performed onpremise or in the cloud with little to no impact on system performance. On the most conservative calculation, the probability of a zero-day virus successfully exploiting a Polyverse-protected system is 8x It s also crucial to note that Polyverse s security solution does not need to detect or know if a cyberthreat is present or imminent to be effective, although our real-time attack detection constantly monitors the threat landscape to provide that data if required. More advanced deployments of Polyverse can also take advantage of its dynamic-partitioning and full-fidelity honeypot features. Instead of storing millions of records in a single, Polyverse dynamically partitions a system into thousands of secure containers (think of them as micro bank vaults ), each with a discrete micro, unique encryption keys, and set of applications needed to process only the data in that container. A successful cyberattack can compromise only a single container, rather than the entire system (see Figure 2 below). Moreover, Polyverse s dynamic isolation minimizes damage from both external and internal attacks, including Snowden-style breaches. Polyverse can go even further and not only create real partitions, but also thousands of fake partitions that can act as high-fidelity honeypots for attackers. one two n Polyverse Router (Dynamic Topology) DDOS Black Hole Auth Honeypot Dynamic Decoy Figure 2

5 5 Freedom from Cyberfear Moving Target Defense enables Polyverse s technology to demolish both the attack strategies and economic incentives of cyberattackers. No surprise, then, that Polyverse aces rigorous third-party penetration tests that outsmart conventional security tools. We offer cutting-edge protection in a single, easy-to-install solution that is fully configurable to any organization s system and that can be deployed either incrementally or as a comprehensive turn-key package. The Polyverse solution is fully integrated into the system under its protection: Polyverse is code that simply ships and deploys alongside that system s own code. Moreover, our everything s included licensing model is aligned to your security needs your organization doesn t pay more to become more secure. Our annual fee covers everything: all servers, datacenters, edge, -s, s, and so on; white-glove installation and subsequent -level support; all upgrades and maintenance; and an unlimited test and development license. Deployment and training typically takes days or weeks, rather than the several months that is commonplace with conventional cybersecurity tools. There is no such thing as a 100% attack-proof system. But by changing the defense mindset from increasingly costly (and breachable) castle walls to an MTDbased model, Polyverse delivers organization-wide defenses that are orders of magnitude better than existing security tools and makes it immensely difficult for hackers to hit the cyberlotto jackpot. For more information, please contact us at: Polyverse Corporation, 550 Kirkland Way, Suite 210, Kirkland, WA info@polyverse.io 2016 Polyverse Corporation. All rights reserved.