Endpoint security software provider Invincea has released a new version of its product called, simply and curiously enough, X.
Yes, X. There’s no conventional name for the product, no “signature,” so to speak. This fits the niche of the company to a “T”: Invincea’s security expertise is protecting endpoint devices from signature-less data exploits, or exploits in which the signature is used only once and is no longer relevant afterward.
A signature on a data breach is what is used to identify the exploit, and it most often uses a hashtag in the identifier. #Nimda, #Michelangelo and #stormworm are but three of the many example signatures of previous virus worms.
“Most conventional products today rely on a threat having a signature in order to detect it. The problem with the signature-based security approach is that pretty much all the exploits now are one-and-done with a given threat,” Invincea CEO Anup Ghosh told eWEEK. “They use it; it’s expended; they don’t use it again.”
X was developed independently and released May 11 to secure enterprise endpoint devices by combining deep learning with behavioral monitoring in one lightweight agent that provides better protection with fewer false positives. It also runs invisibly in the background and does not drag on a device’s performance, Ghosh said.
No Decision to Make Between Protection and Performance
“Companies remain extremely frustrated that today’s endpoint security products force one to choose between protection and performance,” Ghosh said. “This product was built to eliminate that false choice.”
Benefits of X include, according to Ghosh:
– Reduces security risk while meeting compliance requirements: X combines deep learning (an advanced form of machine learning) with behavioral monitoring to provide more stringent protection. As a result, X prevents threats that get past other endpoint protection products, while providing evidence of endpoint security controls for Federal Financial Institutions Examination Council (FFIEC), Federal Information Security Management Act (FISMA), Payment Card Industry Data Security Standard (PCI DSS) and other regulations.
– Reduces the overhead and exposure associated with patch management: With X protecting enterprise endpoints, organizations are less vulnerable, even if an endpoint doesn’t have the latest patch. As a result, IT can now patch on its own schedule rather than the vendor’s.
– Keeps a workforce productive: Because all of X’s capabilities are included in one lightweight agent, it is invisible to employees. There is no impact on workforce productivity.
– Reduces costs, training and overhead: Because X combines multiple capabilities in one product that is easy to deploy and maintain, organizations can replace duplicative, less effective endpoint solutions. X minimizes the need to manage, train and administer multiple solutions, reducing the overhead on security teams and budget.
Dell Uses Invincea on All Its Devices
In 2013, Dell commissioned the 10-year-old Fairfax, Va.-based Invincea to supply application-level security to all of its end-user devices (laptops, notebooks, desktops and tablets) under the label Dell Data Protection.
Instead of only encrypting the device, locking down the operating system or using a traditional VPN, Dell Data Protection through Invincea puts a shield—or virtualized container—around each browser or application instance to protect it from the rest of the device and the network on which it resides. That way, if a document or link is opened that is infested with a virus, botnet or other digital malady, the instance is isolated and can be discarded with no harm, no foul. A colored edge appears on the window to indicate to the user that the instance is protected.
If there is an invasive incident inside the container, a full report of the instance is recorded and sent back to Invincea to add to its ever-growing archive of malware knowledge.
This is a distinct approach from most others, which generally concentrate on locking down access points, the network, document folders, the device itself—or the operating system, which is what new-gen security provider Bromium does, for example. Each of these options is still available in new Dell devices if users want them.
Invincea’s secret sauce, called DDP Protected Workspace, emerged from a Defense Advanced Research Projects Agency (DARPA)-funded project for advanced endpoint protection. It stops cyber-attacks that include spear-phishing, watering hole attacks, drive-by downloads, poisoned search engine results and others that target end users.