Virsec today announced its Deterministic Protection Platform (DPP), ensuring better protection against all known and unknown threats to software workloads, and reducing threat actor dwell time from minutes to milliseconds, with true protection and runtime observability.
Combining the broadest attack coverage and highest accuracy in the industry, DPP by Virsec protects server workloads across the entire runtime stack, eliminating false positives, when deployed on bare metal, virtual machines (VMs), containers, or in the cloud.
DPP by Virsec is the next evolution of the company’s flagship and award-winning Virsec Security Platform (VSP), which was the first solution that could truly eradicate threats to the software workload at runtime in real-time. DPP by Virsec makes security response obsolete by improving the protection that conventional, probabilistic solutions simply cannot:
- Full application stack protection at runtime, automatically protecting vulnerable workloads covering all facets including applications, files, processes, and memory space that are typically targeted by attackers.
- Only trusted execution is allowed, ensuring zero adversary dwell time and stopping an attacker’s malicious actions within milliseconds against both known and unknown threats—specifically protecting against ransomware, remote code execution, supply chain poisoning, and memory-based attacks.
- Uniquely detects advanced attacks at the web, host, and memory levels that bypass Extended/Endpoint Detection and Response (X/EDR), Web Application Firewall (WAF), Intrusion Detection and Prevention System (IDPS), Endpoint Protection Platforms (EPP), and Antivirus (AV) solutions. It can reduce, or entirely negate, the need for patching.
- With its read-only approach to mapping the software workload, DPP by Virsec does not harm applications while providing true protection. This unique approach also allows for fast deployment, performance maintenance, and automation at scale.
“Security practitioners are exhausted at the failed promise of ‘protection’ when many vendors merely offer alerts after an attack on their applications. As we’ve seen with Log4j, PrintNightmare, and other recent attacks, this approach is not working,” said Dave Furneaux, Cofounder and CEO of Virsec. “When we founded Virsec, we took a ‘first principles’ approach to protect software, regardless of the attacker’s preferred exploit or attack method. Now, the name of our platform says it all–we can determine what your software is supposed to do and immediately stop any attack.”
Attacks continue to increase exponentially. In 2020, the FBI saw more than 2,000 ransomware incidents, and more than a 200% jump in ransom demands in 2021. Software vulnerabilities continue to plague legacy and modern systems and the commonality among these events is that they target – and in many cases hide within – software at its fundamental levels on hosts and in memory. In fact, on its 20th Anniversary, OWASP updated its top 10 most critical risks to applications and added a new category, Software and Data Integrity Failures. Attackers are constantly changing their techniques. EDR and other traditional tools don’t protect against the “attack-of-the-week.” A new approach is needed.
DPP by Virsec secures the full-application stack – web, host, and memory – at runtime, regardless of application type or environment. This deterministic approach to security ensures precision protection for legacy unpatched workloads, consolidated VMs and containers, and provides runtime web application protection and application control. The platform’s coverage for all of these use cases helps organizations achieve better protection, reduce the cost of operations, and ensures continual compliance, aiding their overall business outcomes.