The outbreak of the Covid pandemic brought several significant changes across industries. One major change was the surge in communications, which led to a wholesale shift of business operations online and increased the risk of cyberattacks by an order of magnitude. According to a survey, there were 377.5 million brute-force attacks in February 2021, compared with 93.1 million at the beginning of 2020. To understand the threat landscape during the pandemic and beyond, Rashi Aditi Ghosh of Elets News Network (ENN) spoke to Satya Gupta, Chief Technology Officer and Founder, Virsec. Virsec provides application-aware workload threat protection.
During the interaction, Gupta spoke to us about the ongoing challenges that helped the firm shape its new solutions and future growth plans.
Excerpts of the interaction:
1. The pandemic accelerated the digital delivery model across industries. How did Virsec grow technologically amid the uncertainty?
During the pandemic, we have observed three big-ticket concerns that helped shape Virsec’s products:
First, almost all organizations, both commercial and government, have started consuming software in areas they would otherwise not have consumed in the next 3 years. When this phenomenon is viewed alongside the very serious supply chain attacks such as the recent SolarWinds and Kaseya attacks, we found that the typical CISO is increasingly recognizing that their existing EDR tools require learning, tuning, tweaking and threat feeds and invoke protection against malware far too slowly to be of any value. CISOs are actively looking for cyber security tools that can protect their workloads proactively. A workload is typically any software or application that runs on a server, which houses the crown jewels of an organization.
Second, enterprise IT is getting very concerned with how many additional security analysts they must hire with each new security tool they deploy. The OPEX and complexity associated with the adoption of probabilistic tools are making the ROI of these tools unattractive. Instead, CISOs are beginning to turn to tools that generate few to no false positives, thereby reducing the number of analysts that must be employed. A cyber security tool that provides deep forensics can eliminate manual effort that can easily go wrong.
Third, with the increased use in the number of new software applications, there has been an explosion of consequent vulnerabilities. The typical enterprise feels overwhelmed when accepting new software from their vendors. They do not have any objective means to evaluate how many vulnerabilities may be lurking in the software they are about to deploy. Their current strategy is to hope and pray that their new software will not lead to more problems. The CISO is increasingly looking for security products that can harden the application so that it cannot be abused even if there are lots of vulnerabilities lurking in the code.
2. How significant are software applications for transforming businesses?
As Marc Andreessen wisely observed, “Software is Eating the World”. It is no coincidence that 33% of the NASDAQ is composed of the FAANG [Facebook (FB), Amazon (AMZN), Apple (AAPL), Netflix (NFLX), and Alphabet (GOOG)] companies, all of which are software technology giants.
Software is permeating everything we do for work or pleasure from the moment we wake up to finally when we shut our eyes at night. Businesses are even more dependent on online services such as email, CRM, product management, asset management, inventory management etc. Not having an online presence from where customers can buy products or services is unimaginable.
3. Are businesses more prone to cyber threats with digital dependence? How can Virsec help them in securing their applications?
The National Vulnerability Database (NVD) maintains statistics on new products and new vulnerabilities being added into the database monthly. Both numbers are exploding on a month-on-month basis. Keeping up with patching these vulnerabilities is logistically impossible. Even if somehow these vulnerabilities were magically patched within 48 hours, recent attacks such as SolarWinds, Hafnium, Kaseya etc. have shown that a very large number of enterprises will still become victims to attackers. At the same time, the attackers are getting smarter, better financed and even turning to affiliates who operationalize the actual attack.
Virsec provides protection that executes faster than the malware can execute. All this without EVER needing threat feeds, signatures, learning, tuning and an army of Incident Analysts and Responders. Virsec’s Compensating Control technology can prevent vulnerabilities from being exploited with or without the patch being applied. In fact, it can protect against vulnerabilities that have not even been disclosed into the NVD.
4. Would you like to tell us about your security platform? Why is it unique?
The Virsec Security Platform (VSP) delivers deterministic zero dwell-time protection against both known and undisclosed malware and vulnerabilities and attacks that leverage such vulnerabilities. It does not need signatures, source code, threat feed, learning etc. and therefore can even be run in isolated environments.
VSP starts by automatically extracting several static and dynamic guardrails (called AppMaps) from any application. These AppMaps subsume the developer’s intent of how the application will work in real-time. Thanks to the 50+ patents that power Virsec’s technology, VSP does not need source code and does not burden its users with extracting these guardrails. Then at runtime, a very lightweight VSP sensor embedded in the application ensures that the application executes precisely as envisioned in the AppMaps by the developer. This monitoring allows VSP telemetry to know precisely and within milliseconds as an attacker attempts to wrest execution control from the application and attempts to execute malicious code of their choosing. Extremely early VSP detection and protection ensures that not even one instruction of the attacker’s code can execute.
No other contemporary cybersecurity product factors in deep knowledge about the application’s intended behavior. Instead, they push the burden of learning what is normal for the application onto enterprise DevOps/IT. Unfortunately, since there is an explosion of software, and given the complexity of modern enterprise apps, “learning” all known behavior of the application in finite time is neither practical nor viable. Without a very precise definition of what is normal and what isn’t, it is impossible to protect an application deterministically.
5. You hold more than two decades of experience in firmware architecture. Why is it such an important domain in today’s era?
My extended experience with embedded code has given me the ability to understand not only how developers produce code but also how computers use and process object code. Without the ability to understand the complex but invariant principles used by today’s processors, it is not possible to offer deterministic millisecond protection, which is key to blocking malware before the malware has the opportunity to execute even one instruction.
6. Would you like to tell us about your company’s growth plans for 2021?
Virsec’s vision statement is to make cyber threats irrelevant. Our customers resonate strongly with this vision because they want to focus their attention on their mainstream business rather than live in constant fear of cyber attackers ruining their business continuity and reputation.
While our long-term growth plans are to secure any workload running anywhere, in the remaining four months of the year, we plan to aggressively expand our customer base in sectors that are known to be early movers on the innovation adoption curve. These sectors typically include the Defence, BFSI, Healthcare, and Technology sectors. Some of our very eminent board advisors such as John Chambers, ex-CEO, Cisco Systems, and Jim Routh, ex-CISO, MassMutual, are helping Virsec accomplish these goals.