Morphisec Knight for Linux proactively prevents advanced evasive attacks

At RSA Conference 2022, Morphisec launched Morphisec Knight for Linux, a standalone security solution purpose-built for Linux servers to stop supply chain, data theft, ransomware, and other advanced attacks.

It provides lightweight cloud and server workload protection across bare metal, virtualized servers, and CWPP with almost no performance impact or false positive alerts. Knight uses Morphisec’s revolutionary, patented, Moving Target Defense (MTD) technology to proactively prevent advanced attacks. Knight is low-friction, cost-efficient, and highly effective.

We live in an era of digital transformation and cloud migration, and the cloud creates a vastly increased attack surface. With Linux running 90 percent of the public cloud and 70 percent of web application servers, it has become a significant target for threat actors. Last year alone, malware targeting Linux distributions jumped by 35 percent.

Security teams are trying to confront this reality armed with server security solutions that are often adapted from Windows and desktop environments, with well-known limitations and limited attack surface hardening. They are less effective against advanced attacks, which are specifically designed to evade signature-based and known behavior/TTP—oriented solutions such as NGAV, EDR, and XDR.

Morphisec Knight for Linux effectively protects against today’s advanced cyberattacks. These threats typically use in-memory, fileless, living off the land (LotL), man-in-the-machine (MiTM), and code execution tactics and techniques. Many rely on remote code execution (RCE) and privilege escalations (PE) for data exfiltration and extortion, with or without long-lasting persistence to evade detection.

“Linux is the primary operating system for the cloud and a significant portion of on-premise servers,” said Morphisec Chief Technology Officer Michael Gorelik. “And with cloud computing and on-premise attacks now becoming more sophisticated and rapidly escalating, you need dedicated, robust Linux server protection. Morphisec Knight for Linux proactively prevents advanced evasive attacks that bypass traditional security and hardening techniques. It deploys in minutes and provides deterministic prevention with little to no false-positive alerts. Knight can augment and enhance detection and response solutions with advanced protection that isn’t reliant on behavior analysis or signatures for attack prevention.”

“Morphisec Knight for Linux is highly effective and comprehensive,” said the independent security consulting experts at MDSec, who authored the highly regarded Web and Mobile Application Hacker’s Handbook series. MDSec tested Knight’s effectiveness against typical MITRE ATT&CK tactics and techniques, and found “Knight for Linux was seen to offer a high level of protection against memory corruption, shellcode injection, and similar attacks when used for initial access or privilege escalation.”

Morphisec Knight for Linux creates a dynamic, unpredictable attack surface that protects vulnerabilities and critical assets/services from threat actors. Knight also employs modifications in memory that prevent cybercriminals from reusing attacks. And it creates a skeleton or false front to trap evasive malware while enabling legitimate applications to run unimpeded. Morphisec Knight can work in information technology and operational technology networks, and supervisory control and data acquisition systems, whether connected or disconnected from backend systems. Knight deploys in minutes, doesn’t impact server performance, and requires no updates.