IT Security Guru

A shifting paradigm – Virsec’s deterministic approach to cybersecurity

The Guru had the opportunity to sit down with Greg Kelton, Regional Director of Europe at Virsec, to talk about the future of the industry and Virsec’s place within it.

by Guru Writer
July 5, 2022
in Featured, Features, Top 10 Stories

Virsec has come a long way in the past few years. As recently as 2017, its technology focused only on memory protection. 5 years, $137 million in funding and the addition of host and feedback protection later, the company is looking to revolutionise cybersecurity, quite literally, from the inside out.

Greg Kelton, Regional Director of Europe at Virsec, is on the frontlines of that revolution. The enemy? Dwell time.

“We’re seeing a monumental shift in the industry – from detection to protection response. So what does that mean? Detection response is the traditional approach to cybersecurity, stemming from traditional tools such as EDRs, WAFs, and so on. The problem with these tools is their dwell time – that’s the key phrase here. Traditional tools will detect an attack but expect a human to respond; dwell time is the interval between detection and response. A typical dwell time is 6-7 days, but ransomware takes milliseconds to kick in – an obvious flaw, right? What we’re trying to do is eradicate dwell time entirely by moving from a reactive to a proactive approach, protection response, or as we like to call it, a probabilistic to deterministic approach,” Kelton said.

It isn’t just dwell time that Kelton takes issue with. He argues that in the current system, a company must suffer a breach before they, or anyone else, can respond. 

“So right now, the game looks like this: A company suffers a zero-day attack, they put their hand up and admit to it, then every other company scrambles to patch their own zero-days before they suffer an attack. What we’re trying to say is: if we reduce dwell time, no-one needs to get attacked. Of course, this is very difficult to do, and isn’t actually in everyone’s best interest. See, a lot of big names make a lot of money reading log files spit out from the runtime – but by this point it’s too late. Once the data has been analysed, correlated, and placed in front of a human, the attack has already been carried out. This is why it’s called a probabilistic approach. Your traditional tools tell you that you have ‘probably’ been attacked, but it’s up to a human to sift through the false positives and determine whether you were actually being attacked. By the time you know, it’s all over,” Kelton said. 

This is where the deterministic approach comes in. Virsec’s technology doesn’t tell you that you might have been attacked; it determines that you have been hacked and stops it before the damage is done.

“Attacks are only exposed at the time of execution. This is the problem with tools such as EDRs: they have no insight into execution, and thus have no idea whether code is malicious or not. We only look at the execution. We’re constantly staring at the runtime, be that memory level, web level, or host level, at execution. Then as soon as we see it’s malicious, we stop it. This is the key difference between a deterministic and probabilistic approach – a probabilistic approach employing tools such as EDRs lets you know when there’s something that might be malicious in your network, but by that point it’s too late, it’s on its way to be executed. A deterministic approach cuts down the perimeter solely to the execution stage, determines if the code is trying to do something it shouldn’t, and shuts it down if it needs to,” Kelton said.

When asked about the performance impacts that come with a deterministic approach, Kelton argued that the issue is not so much a technology problem as a matter of how it is perceived.

“Staring at the runtime is obviously going to be a performance inhibitor, but our tests have found that it’s only around 1-2%. We like to think of our technology as like wearing a bulletproof vest – yes, it will slow you down a bit, but you’re far more protected than you would be without one. The simple question is, do you want to be the guinea pig, the sacrificial lamb that puts their hand up and admits they’ve been hacked so that your competitors can patch their vulnerabilities, or do you want to know you’re protected?” he concluded.
