Virsec Security Platform

Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Virsec
Company size (employees)50 to 99
Type of solutionHybrid

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

• Virsec is the only security solution protecting applications in runtime memory across the full application stack from web to memory to CPU. Virsec delivers security from the inside out, allowing applications to defend themselves, protecting at the memory-level in real-time, precisely spotting advanced attacks and taking immediate action to cut off access or alert other network security tools. By taking this unique approach and making it effective and scalable, Virsec allows organizations to consolidate their security infrastructure, eliminate redundant tools and achieve much more effective results.

• Spectre and Meltdown present new, unchartered security challenges. These exploits expose flaws in processors that are far below the radar of conventional security tools. Speculative execution, used in most processors for the last 20 years, can expose cached data to side-channel attacks. Virsec is in a prime position to solve this problem because of our unique location between applications and process memory calls.

• Virsec is a pioneer in addressing the important security needs of critical infrastructure and IOT systems. Many of these systems were designed for isolation, may be decades old, and are increasingly are at risk. Numerous recent attacks have targeted power plants, water facilities, and other critical utilities. Virsec has partnered with Schneider Electric, a leader in industrial control systems to deliver advanced security to the ICS industry. These systems will not change overnight, and updating un-patchable older platforms, or taking systems offline for maintenance can be a non-starter. Security in the real world needs to protect infrastructure as it is and protect applications in any state. This is exactly what Virsec provides.

Brief Overview

Virsec delivers an innovative approach to protect against today’s advanced cyberattacks. Instead of relying on signatures of past attacks to guess what’s coming next, Virsec precisely pinpoints attacks at the source, within any application.

Virsec maps correct application behavior, and instantly detects and blocks deviations caused by attacks. This deterministic approach stops threats in real-time, delivering unprecedented accuracy, without false positives.

The solution protects any application, patched or unpatched, across the full application stack including web applications, interpreted code, malicious scripts, file integrity, compiled binary code, and process memory – protecting memory usage on a block by block basis. Virsec also delivers an immediate solution for the processor flaws exposed by Spectre and Meltdown.

Virsec’s patented Trusted Execution™ technology
• Maps acceptable application behavior and instantly blocks deviations caused by attacks,
• Ensures application integrity at run-time spotting any kind of malicious scripts, process manipulation, file tampering and more,
• Stops memory-level exploits, fileless, zero-day and unknown attacks that are indefensible by other solutions,
• Positively stops web attacks with malicious input such as SQL injection, cross-site scripting, path traversal and more,
• Stops Spectre/Meltdown exploits by creating virtual fences around sensitive instructions to selectively limit speculative execution
• Provides precise forensics and real-time enforcement with APIs connecting any security devices

The platform architecture is highly-scalable and adds minimal latency to applications. Lightweight AppSensors are deployed at each application host, while all processing, enforcement, and management take place in a stand-alone server.

Virsec is run by industry veterans who are passionate about changing the balance of power in cybersecurity and restoring control to organizations. Innovation runs deep in everything we do, and the company has developed extensive IP with more than a dozen patents in critical areas of security.