TEL AVIV, Israel--(BUSINESS WIRE)--Don’t you think it’s absurd that we participate in this endless race to manage and patch vulnerabilities, even though new ones appear all the time? It's like swimming upstream—no matter how hard you paddle, the current is overwhelming and unlikely to settle down soon.
We repeatedly spend all this time and money, essentially with no finish line in sight, all while unknown threats remain hovering over our heads. Your R&D department shouldn't need to spend 2,000+ hours per week implementing patches and handling vulnerabilities. Surely, there must be a better, more sustainable solution out there.
The existence of a vulnerability is ever-present and inevitable. This rings true for any kind of software. A flawless state is something the industry should always aspire to, but can rarely be reached.
Let’s take memory-based vulnerabilities as an example. They are widespread and represent a high-end threat to IoT devices, responsible for 70% of Microsoft’s Patch Tuesdays. Thousands of such memory-based vulnerabilities are reported each month, yet this number only reflects reported instances. Instead of manually patching up all these memory-based vulnerabilities, what if we simply prevented their exploitation? Think about it: No exploitation, no damage.
The existence of a vulnerability itself is not enough for a threat actor to cause damage. First there has to be a specific vulnerability to initiate the attack. But all it takes is one exploit to initiate an attack. If a company moves its focus from investing resources into manually and arduously patching vulnerabilities to automatically identifying and preventing the exploitation attempt through proactive security controls, it will save time and money.
For every single type of memory-based vulnerability, a certain step must be performed which is distinctly recognizable and identical across all attacks. Focusing on identifying and preventing that step could eliminate an entire class of existing and future memory-based vulnerabilities from potential exploitation. If it’s not exploitable, it’s not a vulnerability.
At Sternum (https://www.sternumiot.com/), we call these identical and necessary steps the Exploitation Fingerprint™. Just like a sophisticated detective, our technology tracks, identifies, and locates this Exploitation Fingerprint™ in real-time to flag the presence of an attacker, and prevent the attack itself.
The company maps different elements that make up the Exploitation Fingerprint™ and the corresponding malicious operations that need to be prevented. Going back to the memory-vulnerability exploitation, Sternum can see it in action.
In order to exploit a memory-based vulnerability, the attack must corrupt the memory in some way: writing outside of bounds, or corrupting existing data. Without corrupting the memory, attackers cannot use the vulnerability to cause any damage. The corruption of the memory is a distinct, necessary, and compulsory step to every memory vulnerability exploitation which takes place.
Sternum’s Embedded Integrity Verification (EIV) product takes advantage of this bottleneck. (If an attacker doesn’t have full control over the software, he or she must corrupt the memory in order to achieve it.) The technology monitors and verifies each memory operation, inspecting and validating its integrity in real-time. When EIV determines that a memory operation will result in the Exploitation Fingerprint™ in memory, it prevents it from happening, in essence preventing any corruption of the memory, paralyzing any potential exploitation. This makes the existence of the vulnerability meaningless.
EIV operates the same way for many different classes of vulnerability. The result is achieving a sustainable, long-term, cybersecurity peace of mind.
EIV has reached a 96.5 percent total prevention rate of memory-based vulnerabilities in industry benchmarking metrics. This includes a 100 percent prevention rate of memory overflow vulnerabilities, a 100 percent prevention rate when testing in research labs and in-field by our customers, as well as full prevention of all latest memory-based, fileless attacks and/or critical CVEs that were disclosed as part of the Ripple20 and Amnesia:33 publications.
Combined with Sternum’s ADS (Analytics & Detection System), customers have true cybersecurity and visibility peace-of-mind.
Patch at Your Own Pace, Regain Control
For Sternum customers, patching and updating happen at their own volition, along with an already pre-scheduled update. They are no longer hostage to critical vulnerabilities, forcing them to speed up and update in order to avoid disaster. They are no longer listed as vulnerable to disclosed vulnerabilities, needing to defend themselves. They no longer invest many R&D resources to initiate a mitigation, since they are already immune.
They are in control over the cybersecurity of their devices. This is an important thing to emphasize. Sternum customers are in control. Not their potentially vulnerable third-party components, not the vulnerability management pressure, and certainly not attackers. Sternum safeguards their assets, while saving money and proving ROI.
It's time to end the vulnerability wild goose chase. Stop mitigating, start preventing.
Sternum, the multi-layered cybersecurity and analytics company, offering real-time, embedded protection for IoT devices, was founded in 2018 by a team of highly experienced research, development, and business leaders, many coming from the Israeli Defense Forces’ (IDF) elite 8200 unit. With a profound understanding of embedded systems, deep insights into defenders’ and attackers’ mindsets, and a goal of creating a new standard of cybersecurity for IoT devices, Sternum set out to build uncompromising, innovative technology. Sternum’s product suite consists of two key solutions: Embedded Integrity Verification (EIV) and the Analytics & Detection System (ADS); both answer the unique needs of IoT device manufacturers in medicine, industry 4.0, smart cities, energy, and beyond. For more information, visit https://www.sternumiot.com/