Friday, July 19, 2019

2019-07-19 Friday - Polyverse.io (Polymorphic OS)

I am always keen to keep an eye out for new innovative approaches to improving the security of the enterprise.

Through my connection with Pete Jarvis, I recently learned about Polyverse.io


The company has assembled an impressive team:

  • Alex Gounares, CEO:
    • Former CTO AOL, CTO Microsoft Online
    • Bill Gates Technology Advisor (TA) for four years
  • Archis Gore, CTO:
    • Winner of code for Bill Gates contest in India (150K+ applicants)
    • Ran site reliability and security for Amazon.com globally
  • Chris Hanaoka, Chief/VP of Engineering:
    • Ran Azure Cloud Infrastructure at Microsoft (1M+ servers)
    • VP Engineering Yahoo
    • VP Engineering Ask.com
  • Steven Potter, VP Global Sales:
    • $12B+ in government and commercial contracts awarded over his 20-year career
    • Army Invention of the Year
    • Navy SEAL
  • Pete Jarvis, VP Business:
    • Nortel Networks President's award for innovation for CentrexIP
    • Ran Microsoft UPnP Forum
    • Named contributor to WS-Security, WS-Eventing, WS-Discovery

"Security is complicated, and companies often don't have the personnel or resources to protect themselves. Polyverse enables 'No Click Security' that protects you before, during, and after a fileless attack. It takes five steps to install and protect yourself. https://polyverse.io/polymorphic-linux-installation-guide/ and enables expansion of Splunk, Elastic and MicroFocus ArcSight threat detection capabilities."

"What: Polyverse overcomes hacking by hiding operating systems in plain sight: where you have a million threats to one operating system, Polyverse provides millions of operating systems to one threat. We support public cloud, private data center deployments, and Arm, Intel architectures for embedded deployments."

"How: Polyverse inverts the problem: we take the OS and recompile it so each OS instance is unique at a memory and stack level. Polyverse's goal is to change the economics of attack in support of the defense. How so? Today, an attacker can invest 10 million in the creation of an exploit that takes control of an operating system. The attacker then recoups the investment across millions of devices; further, once detected, they will sell the exploit to others. Polyverse stops the first operating system investment being applied to the next. This breaks the economic model of attack. Polyverse consumes the resources of the attacker and stops them from recouping their time and money across [N] devices."

"The Result: The attack is detected, thwarted and the attacker goes elsewhere."

"Status: Today, Polyverse works with the US Government, DLT, Microsoft, Amazon Web Services, MicroFocus, RedHat, Ubuntu, Alpine, and others to stop fileless attacks in the wild. Polyverse most notably does not change the source code of the operating system in any way, only the compiled binary operating system image layout. This approach drastically reduces the attack surface for the attacker, yet requires no changes to developer or user behavior."

"Detect, Defend, Deter: Here is a video overview of a simulated zero-day stack attack on an OS, without and with Polyverse. In the case of with Polyverse, the attack triggers a segmentation fault. Thus, we can deploy 10 instances – 6 standard, and 4 Polyverse instances – and monitor the systems with Elastic, Splunk or Micro Focus ArcSight. If the four Polyverse instances seg fault, and the six standard do not, we infer that a zero-day exploit has been applied and notify the administrator."

https://vimeo.com/259728601

"Polyverse can be used to enhance your site detection capabilities in collaboration with Elastic, Splunk and MicroFocus to signal attack, and defend and deter attackers."
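
The cohort comparison described in the quote above (segfaults on the Polyverse instances but none on the standard ones), sketched as detection logic over kernel log lines. This is an added example, not Polyverse's or any SIEM vendor's code; the host names, cohort map and log lines are constructed, and the regex assumes the Linux kernel's usual `segfault at ... in <binary>[...]` message behind a syslog host prefix.

```python
import re
from collections import defaultdict

# Constructed cohort map mirroring the 6 standard / 4 Polyverse split in the text.
COHORT = {f"std-{i}": "standard" for i in range(1, 7)}
COHORT.update({f"poly-{i}": "polymorphic" for i in range(1, 5)})

# "<host> kernel: [uptime] <proc>[pid]: segfault at <addr> ip ... in <binary>[base+size]"
SEGFAULT = re.compile(
    r"^(?P<host>\S+) kernel: \[\s*\d+\.\d+\] [^\[\s]+\[\d+\]: "
    r"segfault at [0-9a-f]+ .* in (?P<binary>[^\[\s]+)\["
)

# Constructed sample input; a real deployment would read this from the SIEM,
# windowed by ingest time (kernel uptime stamps are not comparable across hosts).
SAMPLE_LOGS = [
    "poly-1 kernel: [ 8123.456789] httpd[2201]: segfault at 7f3a10 ip 00007f3a10c0 sp 00007ffd20 error 14 in httpd[55d0a000+9000]",
    "poly-2 kernel: [ 9040.000112] httpd[1877]: segfault at 7f3a10 ip 00007f3a10c0 sp 00007ffc88 error 14 in httpd[5610b000+9000]",
    "poly-3 kernel: [ 7711.310004] httpd[3090]: segfault at 7f3a10 ip 00007f3a10c0 sp 00007ffe01 error 14 in httpd[55f2c000+9000]",
    "std-4 kernel: [ 8500.120000] httpd[2100]: accepted connection",  # no crash on standard hosts
    "std-2 kernel: [ 120.500000] logrotate[411]: segfault at 0 ip 000055aa sp 00007ffd error 4 in logrotate[55aa0000+4000]",
    "poly-4 kernel: [ 133.250000] logrotate[398]: segfault at 0 ip 000055bb sp 00007ffc error 4 in logrotate[55bb0000+4000]",
    "poly-1 kernel: [ 140.750000] logrotate[402]: segfault at 0 ip 000055cc sp 00007ffe error 4 in logrotate[55cc0000+4000]",
]

def segfaults_by_binary(lines):
    """Return {binary: {cohort: set(hosts)}} for every segfault on a known host."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in lines:
        m = SEGFAULT.match(line)
        if m and m["host"] in COHORT:
            seen[m["binary"]][COHORT[m["host"]]].add(m["host"])
    return seen

def suspected_exploit_attempts(lines, min_hosts=2):
    """Flag binaries that crashed on >= min_hosts polymorphic hosts and no standard host.

    A crash seen in both cohorts looks like an ordinary bug, so it is not flagged.
    """
    alerts = []
    for binary, cohorts in sorted(segfaults_by_binary(lines).items()):
        poly = cohorts.get("polymorphic", set())
        std = cohorts.get("standard", set())
        if len(poly) >= min_hosts and not std:
            alerts.append({"binary": binary, "hosts": sorted(poly)})
    return alerts

if __name__ == "__main__":
    for alert in suspected_exploit_attempts(SAMPLE_LOGS):
        print("possible exploit attempt:", alert)
```

The `min_hosts` threshold is a tuning assumption: a single crashing polymorphic host is weak evidence, while the same binary faulting on several of them with a quiet standard cohort is the signal the quote describes.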

Partnerships / Certifications:

  • Docker Member
  • Open Container Initiative Member
  • Red Hat Technology Partner
  • VMware Partner Ready for VMware Cloud on AWS
  • Open Invention Network Member

Pete shared some noteworthy penetration testing results from a real-world public security hackathon:

  • "None of the teams could gain access to Polyverse VMs."
  • "Most people/teams would spend 20-30 minutes attempting to gain access, got frustrated and then moved on to the other VMs without Polyverse."
    • "Conclusion: The attacker saw a better door lock, and moved on to an easier target."
  • "Zero Polyverse customers have been remotely exploited by fileless attacks."

Another interesting bit:

Polyverse runs "the largest build farm for Linux in the world on AWS. (200K build jobs at any given time, 1M+ jobs at peak, 10 Complete Linux Distributions rebuilt twice a day for every machine.)"

For those interested in more information, please contact Pete Jarvis, VP of Business, Polyverse:

These YouTube videos may also be of interest:







    Copyright

    © 2001-2021 International Technology Ventures, Inc., All Rights Reserved.