Greencastle Vulnerability Shielding Technology

Greencastle™ Technology: Simpler, Better Security

Hackers are now looking for profit. They have given up on the old high-visibility mass attacks, such as worms, and are focusing on where the valuable data, and thus the money, will be found. They are using new, often focused, attacks based on unpatched or unknown vulnerabilities. The day after Patch Tuesday is now known as attack Wednesday — any vulnerability not patched on Tuesday is available for attacks during the next month or two. They are targeting individual companies both to increase profit and to hide their activities until it is too late. McAfee and Symantec will not find out about these attacks until way too late.

The hackers are now after credit cards and financial data. They are after personal data for identity theft. They are looking for intellectual property and inside information that they can sell to outsiders.

Vulnerability Shielding™

Each single software vulnerability hole breeds hundreds of attacks. Attacks are like flies buzzing in through the vulnerability holes in your system. If you had a hole in your window screen, would you hire somebody to stand outside and swat flies (like anti-virus solutions do) or would you block the hole until you could get the screen replaced? Greencastle™ Technology introduces a simple new way stop these swarms of attacks, Vulnerability Shielding™ by going to the root of the security problem. When a new vulnerability hole is discovered, Greencastle distributes data to identify the holes in the vulnerable components and instantly Shield the holes from use by attacks. There are no software updates or reboots required. Attacks are prevented before they have a chance to run and cause damage.

Vulnerability Shielding™ provides a major advance in the goal of keeping mission-critical applications running reliably and efficiently.

Greencastle™ Vulnerability Shielding™ watches all the known vulnerabilitiy holes of each and every vulnerable executable that runs on a system. This allows complete control of the system environment in which mission-critical applications run. You do not want unauthorized applications running in this environment and you certainly do not want malware running there either.

The main problem with current security approaches is the negative perspective — trying to identify each one of the swarm of software attacks by means of individual binary patterns or by suspicious or out-of the-ordinary behavior. With proliferating attacks and ingenious attackers, such negative approaches will require continuous oversight and escalating expenses while still leaving serious gaps.

Greencastle’s Solution: Vulnerability Shielding™

Greencastle™ uses a unique low-overhead approach to watch and identify any new software that tries to enter through a vulnerability hole. This way Greencastle™ identifies new attack software as soon as it appears, sending out alerts and blocking it from running or doing any damage. This means it will no longer be necessary to reload the OS and all applications on each machine after an attack.

Unlike current monitoring and security solutions, Greencastle goes to the deepest level of the computer, down to the hardware level. Other solutions allow attacks to become invisible by letting them get below their validation mechanism. Greencastle is the first technology that goes to the level beneath which attacks simply cannot go — so they are always visible.

With older approaches if an attack is not detected by known binary patterns, the attack must actually start running before it can be detected. Then the security administrator would have to discover the route by which the attack got in and quickly figure out a way to block that route. After that the administrator would need to spend at least an hour per compromised machine reloading the OS and applications. With Greencastle™, such panic mode behavior and drudgery is obsolete because the attacks simply can’t run.

Greencastle Compliance

What about compliance and policy? We provide complete reports any software components trying to enter and run in a vulerable application. Greencastle can also track and report on any changes to executable components, easily detecting any unauthorized software changes.

Greencastle’s Current Product

Our 2.0 product is tailored to the Windows® XP market. It is epecially well suited to mission-critical systems where application failure, spyware and Zero-Day attacks are just not acceptable. Greencastle’s Vulnerability Shielding™ technology is the only one that can provide not only application health, but also application safety.

We are adding capabilities to allow Greencastle™ to run in more complex environments and can tailor solutions. We’d be happy to discuss this with you.