Cyber-security startup TrustPipe launched what it calls a hack-proof solution for computers and devices, using a newly patented protocol called "marker-based security."
TrustPipe discovered that there are distinctive markers, similar to the markers in DNA, that are designed to identify whole classes of threats. It detects and blocks all variants, past and future, of each threat class, so it can tell when something unknown enters a system and makes sure it is quarantined before it can cause any damage.
For example, TrustPipe-protected systems were not vulnerable to the Heartbleed and Shellshock threats because, while those threats were new to signature-based systems, to TrustPipe they were already members of an existing class, so no immediate update was required.
In the case of a new threat class, which occurs once or twice a year, TrustPipe automatically discovers the new threat, protects the compromised computer in real time, and then shares its discovery with every other TrustPipe in the world, inoculating the entire TrustPipe ecosystem.
"While many businesses, large and small, like to think that they are not a target—no pun intended—the fact is that every Internet-connected computer is constantly being probed by hackers," Ridgely Evers, TrustPipe CEO, told eWEEK. "The worst part is, these attacks succeed just because you are connected to the Internet—you don't have to "do" anything to expose yourself."
Evers noted thousands of new attack vectors are uncovered each year—more than 18 per day in 2013—far outstripping the abilities of even the best network security teams to stay current.
The platform was developed by a team of Silicon Valley veterans with experience in network security, including data scientist Kanen Flowers and Evers, co-founders of nCircle, which was acquired by Tripwire last year.
Determining the ROI of security is challenging because "the benefit is 'bad stuff that didn't happen,' which is tough to measure," Evers said. "Therefore, when a business is contemplating alternative ways to use its resources, security is hard to cost-justify. That was one of the primary drivers behind our decision to keep the cost of TrustPipe—both the consumer as well as the business versions—extremely low."
The company also announced it has signed a reseller agreement with NCR's telecom and technology business, a specialist in consumer transaction technologies with a presence in 180 countries worldwide.
NCR will distribute, install and manage enterprise implementations of TrustPipe, beginning with TrustXP—a special version of TrustPipe designed to harden and extend the life of the approximately 300 million Windows XP computers still in use around the world.
The enterprise version, TrustPipe for Business, is available from NCR, by visiting NCR's Website, while the consumer version is available from the TrustPipe Website.
"The trend lines are clear—as the value of data on the Internet grows, the sophistication, patience and funding of attackers grows even faster. There are no barriers to entry for bad guys, and there are huge financial or political rewards," Evers said. "In other words, things are going to get worse with time."