Commercial Availability of Self-Service Cyberhardening Technology
RunSafe Security, the pioneer of a patented cyberhardening process for vulnerable embedded systems, devices and industrial control systems (ICS), has announced the commercial availability of Alkemist, a proprietary self-service technology built to reduce vulnerabilities and deny malware the uniformity needed to execute. Previously known as Software Guardian, Alkemist uses remotely deployable software binary runtime application self-protection (RASP) methods to significantly reduce risk by precluding exploits from spreading across multiple devices and networks. Originally born out of a research project for the Advanced Research Projects Agency of the Department of Defense, Alkemist is the only self-service cyberhardening tool to protect binaries in minutes while leaving each system functionally identical, but logically unique.
“The recent news cycle has had no shortage of stories on the many risks to vulnerable embedded devices and industrial control systems,” said Joe Saunders, RunSafe Security’s CEO. “With the release of Alkemist, our customers can cyberharden systems across all critical infrastructure so that operators and manufacturers can avoid disruption in service. We also work directly with software suppliers to ensure that they are not the weak link in the supply chain.”
How Alkemist Provides Critical Infrastructure Protection
While many embedded system and device security and ICS security solutions focus on identifying breaches with firewalls, anti-virus software, or intrusion protection, RunSafe Security always assumes that motivated adversaries will eventually break in. Therefore, rather than reacting to compromised vulnerabilities following an exploit, Alkemist actively prevents malware from being executed by mitigating common attack techniques including:
- Memory corruption attacks (buffer, stack, and heap)
- Return/jump oriented programming (ROP/JOP) attacks
- Compromised hardware and software supply chain attacks
- Scaling of attacks
To reduce the attack surface, RunSafe Security hardens software binaries by remotely deploying a transformation process that uses RASP techniques in multiple ways including:
- Binary Stirring (memory, function, library, and stack) – This post-compilation hardening process randomizes memory, basic block functions, and access to third-party libraries. This logical reordering ensures that malware is denied the structure it requires to propagate and take control of code.
- Control Flow Integrity (CFI) – This technique stops exploits from reordering legitimate functions into an unintended sequence and protects against Return Oriented Programming and Jump Oriented Programming (ROP/JOP) attacks. It prevents malware from changing how commands are executed.
- Proprietary a priori Optimization – This is used to discern best techniques based on instruction set, codebase, and binary structure.
By precluding an exploit from spreading across multiple devices and networks, RunSafe Security’s Alkemist disrupts traditional hacker economics by denying the routine tactics and techniques that attackers prefer. Alkemist, which can be accessed through a web client or API, requires no new software, services or hardware, and no access to source code. In addition, there is no dependence on compiler or operating systems and there are no time-consuming alerts to monitor.
“After evaluating several ICS cybersecurity providers, we chose RunSafe Security to protect boards that are used to manage cooling systems in large scale data centers,” said Jason Gloeckner, Director of Thermal Controls at Vertiv, one of RunSafe’s first customers. “RunSafe’s Alkemist mitigates against cyberattacks that traditional alerts, intrusion detection, and managed services would otherwise just report on. Our customers cannot afford cyberattacks that disrupt operations.”
Backed by Alsop Louie Partners and the Center for Innovative Technology, RunSafe Security is headquartered in McLean, VA with an office in Huntsville, AL. To request RunSafe’s latest whitepaper, Cyberharden Industrial Control Systems Now…Or Deal with the Consequences Tomorrow, click here.
About RunSafe Security
RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices. With the ability to make each device functionally identical but logically unique, RunSafe Security renders threats inert by eliminating attack vectors, significantly reducing vulnerabilities and denying malware the uniformity required to propagate. Headquartered in McLean, Virginia, with an office in Huntsville, Alabama, RunSafe Security’s customers span the critical infrastructure, IIoT, automotive, medical, and national security industries.