LynuxWorks Debuts Industry’s First Real-time Zero-Day Rootkit and Bootkit Defense
LynxSecure 5.2 adds new features to help protect endpoints against the most potent and stealthy advanced persistent threats
SAN JOSE,CA – 28 February 2013 – LynuxWorks, Inc., a world leader in secure virtualization, today announced that they will be demonstrating the industry’s first technology capable of real-time detection, alert and protection against zero-day rootkits and bootkits. Rootkits are the most sophisticated and lethal type of malware--stealthy and extremely potent. When resident on endpoint devices, the LynxSecure 5.2 product can help security experts and IT staff discover rootkit infections and neutralize them, and then easily remotely clean infected machines, thereby preventing future infections.
LynxSecure 5.2 is the next version of the established secure separation kernel and hypervisor from LynuxWorks. Designed from the ground up with security as a key design goal, this military-grade virtualization solution is now available for Enterprise users. It is small, secure and offers high performance that is well suited to today’s modern roaming endpoints, such as laptops and hybrids. Now adding a feature that does real-time detection of stealthy advanced persistent threats such as rootkits, brings the use of this technology to the front of Enterprise security protection.
“This new feature in LynxSecure 5.2 really shows off the power of using virtualization technology to protect endpoints,” said Robert Day, vice president of marketing at LynuxWorks. “We will be demonstrating several examples of LynxSecure protected endpoints including live defense of a real rootkit.”
Rootkits work at the lowest levels of the operating system (OS) they intend to attack. Thus, it is a self-defeating cause to try and have a detection and prevention mechanism that is a part of the “target of attack.” The approach to combating these insidious threats needs a mechanism that offers a completely different security posture: It must execute with a higher privilege than the attacked OS; provide complete control of the platform hardware; and monitor all activities of the OS and its applications. Also, this mechanism must be self-protecting, non-bypassable and tamper-proof. LynxSecure provides a comprehensive end-to-end solution, fully manageable by IT staff, while providing a detailed real-life picture of the rootkit infections in the corporate network.
“Rootkits are not only the most dangerous cyber-threat, but also the most common one. Daily we witness new cyber-attacks on major corporations, media companies and government agencies. What’s common to these attacks is that the targets are endpoints and that the malicious payloads are rootkits and bootkits.” said Avishai Ziv, vice president of Enterprise Security solutions at LynuxWorks. “The existing dedicated tools for detecting and removing rootkits and bootkits are very few, provide only partial remedy and require a lengthy, complicated process. Our technology is the only one capable of handling the entire cycle while the endpoint is still active, with swift, remote remediation.”
The LynxSecure “Type-0” hypervisor is a new bare-metal architecture, designed by LynuxWorks, that differentiates from type 1 hypervisors by removing the un-needed functionality from the “security sensitive” hypervisor mode, yet virtualizes guest OSes in a tiny stand-alone package. By combining the best-of-breed capabilities of the separation kernel technology and virtualization, LynxSecure provides unmatched capabilities to run one or more guest OSes using common PC platforms.
LynxSecure provides one of the most flexible secure virtualization solutions for use in Intel® architecture-based embedded and IT computer systems. Designed to maintain the highest levels of military security offering a MILS architectural approach, and built-from-the-ground-up to achieve it, LynxSecure offers an industry-leading combination of security with functionality. This allows developers and integrators to use the latest software and hardware technologies to build complex multi-OSes based systems. LynxSecure offers two types of device virtualization, either direct assignment of physical devices to an individual guest OS for maximum security, or secure device sharing across selected guest OS for maximum functionality in resource constrained endpoints such as laptops.
LynxSecure also offers two OS virtualization schemes: para-virtualized guest OS such as Linux offering maximum performance; and fully virtualized guest OS such as Windows, Solaris, Chromium, LynxOS-178 and LynxOS-SE OS requiring no changes to the guest OS. Another key performance feature that LynxSecure offers is the ability to run both fully virtualized and para-virtualized guest OS that have Symmetric Multi-processing (SMP) capabilities across multiple cores. The LynxSecure rootkit detection and protection hypervisor now offers a new level of protection.
LynuxWorks is world leader in secure virtualization and open and reliable real-time operating systems (RTOS). The company's LynxOS family of OSes offers open standards with the highest level of safety and security features, enabling many mission-critical systems in defense, avionics and other industries. The latest product in the portfolio, the award winning LynxSecure offers a secure separation kernel and hypervisor that forms a virtualization platform for securing both embedded and IT systems. Since it was established in 1988, LynuxWorks has created technology that has been successfully deployed in thousands of designs and millions of products made by leading communications, avionics, aerospace/defense, and consumer electronics companies. LynuxWorks' headquarters are located in San Jose, CA. For more information, visit www.lynuxworks.com.
LynuxWorks is a trademark and LynxOS is a registered trademark of LynuxWorks, Inc. Other brand or product names are registered trademarks or trademarks of the respective holders.
Peter van der Sluijs
+44 (0) 1296 628180