It may be the holiday season, but it is clear that while we all desire to conduct more and more of our transactions online there is significant doubt about the security of those transactions. This ranges from the devices we use for those transactions to the potential theft of our personal information by the vendors we rely on. In fact, making those devices “hack proof” is a major step in restoring trust to skeptical shoppers. However, defenses need to be shored up across the entire transactional value chain.
In this regard, the news that after two years of testing in real-world deployments and at West Coast Labs, digital security vendor TrustPipe has emerged from stealth mode to introduce its marker-based security technology to address in a major way the device hacking challenge. The company is promoting its offering as “a superior alternative to signature- and heuristic-based security, and helping to make computers and other devices virtually hack proof.”
Putting down a marker, a new approach to prevent device hacking
Put simply, TrustPipe is protecting computing devices from hacking by relying on its patented marker technology rather than signatures. As such the system is able to reliably detect – and block – network-based attacks of all types, including both “zero day” events as well as the endless variants of existing vectors.
Given the issues with signature-based and heuristic systems for detecting threats, TrustPipe decided there had to be a better way, especially since the good guys always seemed to be playing catch-up with those with malicious intent. The company discovered that there are distinctive markers — similar to markers in DNA — that perfectly identify entire classes of threats. Hence, like DNA these markets are extremely precise.
In fact, TrustPipe says its marker-based approach detects and blocks all variants — past and future — of every threat class, without modification. They explain for example that TrustPipe-protected systems were not vulnerable to the Heartbleed and Shellshock threats. The reason is that those threats were new to signature-based systems but to TrustPipe they were simply members of an existing class. No “urgent update” was required.
“We’re excited by what the technology has been able to accomplish, but we recognize that this is a marathon, not a sprint,” said Ridgely Evers, cofounder and CEO. “While TrustPipe has performed perfectly so far, we assume that there will be issues in the future, and have designed the system to be able to respond.” The architecture and dynamic nature of the TrustPipe technology will enable it to update all TrustPipe-protected machines and contain the threat, quickly and effectively. In the rare case of a truly new threat class, TrustPipe automatically discovers the new threat, protects the compromised computer in real time, and then shares its discovery with every other TrustPipe in the world, inoculating the entire TrustPipe ecosystem in minutes.
TrustPipe founder and Chief Scientist Kanen Flowers added that: “The primary purpose of network security is to keep users safe, and by that metric the security industry has largely failed…The cause is certainly not a lack of effort, but rather that the approaches used are conceptually flawed. Actually solving the user’s problem required fundamental rethinking.”
The proof has been in the testing. As noted, after two years of real-world and lab testing, the company says it has been 100 percent effective: no system protected by TrustPipe has been compromised, and there have been no false positives or false negatives. They add that the marker technology has also successfully protected against every “zero day” event, including as mentioned Heartbleed and Shellshock.
It is also of note that the TrustPipe solution has a small footprint (less than 2MB on-disk, less than 4MB of RAM (News - Alert) at runtime) and is being positioned as having minimal impact on system throughput and performance.
Scott Markle, CEO of security specialist West Coast Labs, said, “TrustPipe's network security solution performs at the highest level we have ever observed in evaluating security offerings. Through three rounds of extensive testing over a two-year period, we have been unable to hack into any device protected by it, nor have we encountered any false positives or false negatives.”
In addition to announcing it solutions, TrustPipe also announced a reseller agreement with NCR’s Telecom and Technology business who will distribute, install and manage enterprise implementations of TrustPipe, beginning with TrustXP – a special version of TrustPipe designed to harden and extend the life of the installed base of approximately 300 million Windows XP computers.
As even TrustPipe acknowledges there is no security system that is failsafe. However, using the DNA analogy as an indication of the increased accuracy that unique markers can provide for identification purposes, the unveiling of the technology is going to create a likely line of competitors as well as customers who wish to kick the tires to validate the results.
Edited by Maurice Nagle
Back to Mobile Secure