Virsec has unveiled a suite of capabilities that automates the path to zero trust workload protection to increase the speed of protection, stopping attacks—including zero-days—in milliseconds.
Its distinctive feature set strikes the right balance between granular control, ease of onboarding, and day-to-day operations, with comprehensive protection. Virsec turns a previously hard-to-use protection approach into a usable solution for security teams of any maturity level.
An industry stuck detecting, not preventing
Detection and response solutions (EDRs) are an established mechanism to secure server workloads, despite their known gaps in stopping attacks before exploitation. According to the 2022 Verizon Data Breach Report (DBIR), “System Intrusions” (e.g., APTs, ransomware, zero-day exploits, etc.) were the attack vector that led to the most breaches in 2021.
The time it takes for EDR solutions to build behavioral and AI models to spot attacks far exceeds the time for an attack to take hold. Compounding the problem is the dynamic nature of workload environments, making it highly labor-intensive to continuously update and patch workloads for the highest levels of protection.
And while organizations desire the best protection, zero trust capabilities—like allowlisting—are often purchased and partially deployed but rarely held to a level that can offer proper protection. This leaves critical security and compliance gaps throughout an organization’s environment.
Stop tomorrow’s zero-day attacks, today
With its latest release, Virsec redefines what is possible regarding zero-trust protection. Virsec, by default, takes the exact opposite approach of EDRs and blocks and prevents any known or unknown threat in milliseconds—before the attack fully executes.
Zero-day, ransomware, web-based, and memory attacks are stopped before runtime, ensuring no exploitation.
“The Virsec solution ensures that only the code you intend to run on your servers is actually run on your servers,” says advisor and former Bank of America CTO and CIO, David Reilly.
“The latest capabilities Virsec has announced include automation and API services that make deployment and integration with existing technologies faster and easier, resulting in enhanced protection for critical workloads,” Reilly added.
One-click web app protection
Protecting web assets requires knowing which applications are on what workloads; however, inventorying a server’s applications is time-consuming and rarely comprehensive. Virsec’s One-Click Web App Protection automatically takes inventory of the web applications in every workload, discovers unknown apps, and then automatically protects them with a single click.
Intelligent, automated allowlisting
Allowlisting is recognized as a gold standard by Gartner to secure servers and workloads. Still, the implementation and maintenance are fraught with difficulties and challenges due to patching, unpredictable updates, and the need to run in dynamic environments.
Virsec tackled this problem head-on to develop an intelligent, automated allowlisting solution with a suite of APIs to streamline deployment and maintenance. Combining automatic rule creation, monitoring, and simple one-click configurations, Virsec takes a time-consuming process and turns it into a repeatable and efficient operation.
The APIs integrate into existing workflows, like Puppet, Chef, Ansible, and SCCM, to dramatically ease the burden of allowlisting maintenance, reduce human error, and apply automatic software updates, amongst other things.
How Virsec works
Virsec maps what’s expected and not expected to run, only allowing trusted apps, files, and processes to run. It prevents malicious code from executing, protecting workloads at every moment. This prevents any modified code, remote code injection or execution, or memory injection from occurring, eliminating the chance of zero-day exploits, even in unpatched or legacy environments.
Key benefits of the Virsec Security Platform include:
- Zero-Day protection: Prevent zero-day exploits from taking hold of a workload and ensure no lateral movement in an environment. Gain deeper insight into Living-Off-The-Land attacks via granular runtime policy categories.
- Auto discovery and one-click web-app protection: Take inventory of web apps and protect them with a single click.
- Easy allowlisting deployments & upkeep: Deploy and easily maintain your allowlist. A wizard-like interface reduces user errors, and pre-built script automation establishes threat, trust, and provenance for files and processes with seamless integrations with existing tools.
- Memory exploit protection: Stops attempts to inject and run malicious code from memory. Exploit techniques are detected and stopped in real time without needing any signature, learning, or customization on major Windows and Linux operating systems.