Virsec to end attacks on server infrastructure & software supply chain

With real protection and runtime observability, Virsec unveiled its Deterministic Protection Platform (DPP), which ensures greater protection against all known and unknown threats to software workloads while lowering threat actor dwell time from minutes to milliseconds. DPP by Virsec defends server workloads throughout the whole runtime stack, reducing false positives, when deployed on bare metal, virtual machines (VMs), containers, or in the cloud, by combining the largest attack coverage and greatest accuracy in the industry.

“Security practitioners are exhausted at the failed promise of ‘protection’ when many vendors merely offer alerts after an attack on their applications. As we’ve seen with Log4j, PrintNightmare, and other recent attacks, this approach is not working,” said Dave Furneaux, Cofounder and CEO of Virsec.

He added, “When we founded Virsec, we took a ‘first principles’ approach to protect software, regardless of the attacker’s preferred exploit or attack method. Now, the name of our platform says it all–we can determine what your software is supposed to do and immediately stop any attack.”

DPP by Virsec is the next generation of the company’s award-winning Virsec Secur-ty Platform (VSP), which was the first solution to truly eliminate threats to software workloads in real-time during execution. DPP by Virsec renders traditional, probabilistic security solutions obsolete by providing protection that traditional, probabilistic solutions simply cannot:

• At-runtime application stack security, which automatically protects susceptible workloads from all angles, including programmes, files, processes, and memory space, which are commonly targeted by attackers.
• Only trusted execution is permitted, ensuring zero adversary dwell time and preventing an attacker’s destructive operations in milliseconds against both known and new threats—protecting against ransomware, remote code execution, supply chain poisoning, and memory-based assaults, to name a few.
• Detects advanced assaults through Extended/Endpoint Detection and Response (X/EDR), Web Application Firewall (WAF), In-trusion Detection and Prevention System (IDPS), Endpoint Protection Platforms (EPP), and Antivirus (AV) solutions at the web, host, and memory layers.
• It can drastically minimise or eliminate the requirement for patching. DPP by Virsec does not affect applications while delivering true protection because to its read-only method to mapping the software burden. This one-of-a-kind solution also enables large-scale deployment, performance maintenance, and automation.

Attacks are increasing at an exponential rate. The FBI reported more than 2,000 ransomware attacks in 2020, with a 200 percent increase in ransom demands in 2021. Software vulnerabilities continue to be a problem for both legacy and current systems, because they all target – and in many cases lurk within – software at its most basic levels on hosts and in memory. In fact, OWASP updated its top 10 most critical application risks and introduced a new category, Software and Data Integrity Failures, to commemorate its 20th anniversary. Attackers switch up their tactics all the time. The “attack-of-the-week” is not protected by EDR or other typical methods. A new strategy is required.

DPP by Virsec protects the entire application stack in runtime, including web, host, and memory, regardless of application type or environment. This deterministic security method guarantees precise protection for legacy unpatched workloads, consolidated VMs and containers, as well as runtime web application protection and control. The platform’s coverage of all of these use cases aids enterprises’ overall business outcomes by improving security, lowering operational costs, and ensuring continuous compliance.

Virsec now has customers in the public and private sectors all around the world, including the healthcare, financial services, retail, energy, and insurance industries.