LynuxWorks demonstrates its Rootkit Detection System to IT security experts at the Virus Bulletin Conference
Berlin, Germany– 2 October 2013 – LynuxWorks Inc., a technology leader in the cyber threat defense market, announced that the company will demonstrate the RDS5201, a new and unique product to help detect the stealthiest of advanced persistent threats (APT), the rootkit,at the Virus Bulletin Conference in Berlin on October 2 - 4. The Virus Bulletin Conference brings together security experts from government and military organizations, legal, financial and educational institutions and large corporations worldwide and covers a wide range of anti-malware and spam-related subjects.
LynuxWorks Rootkit Detection Demonstration (Booth 8):
In the LynuxWorks booth, there will be a demonstration of this new small form factor appliance that has been designed to offer a unique detection capability that complements traditional security mechanisms as they try to protect against the growing number and complexity of cyber threats. Able to detect low-level, zero-day rootkits--the lethal payload of most APTs, the custom-built hardened appliance serves as a smart proactive sensor against APT attacks in IT networks and reduces the agonizing detection of APTs from weeks/months to seconds, and is the first and only technology capable of detecting and alerting against such threats in real-time.
The RDS5201 is built on LynuxWorks LynxSecure 5.2 separation kernel and hypervisor, offering a secure platform to contain and watch these malicious threats.
“Detection of multi-stage APT & sub-OS rootkits calls for new technology and new class of products, specifically designed to deal with these normally undetectable cyber threats,” said Avishai Ziv, vice president of Cyber Security Solutions at LynuxWorks. “The RDS5201 Rootkit Detection System, powered by our unique and innovative secure hypervisor, does that: Real-time detection of all sub-OS infections, coupled with immediate and accurate live forensics data.”
Based on the LynxSecure separation kernel and hypervisor, The RDS5201 offers a non-detectable secure platform that is used to exercise potential infections and with the introduction of the patent pending rootkit detection feature from the 5.2 release. These stealthy threats are revealed as they attack their virtual victim. LynxSecure is the most privileged monitor in the RDS5201 platform, and constantly monitors for malicious and irregular activity in key disk areas (MBR, key blocks and sectors); physical memory areas; CPU instructions and data structures; interrupt data structures etc. This detection is completely OS agnostic, as it’s situated below any of the guest OS. Upon detection, the RDS5201 immediately alerts and sends an automated live forensics report to its dashboard. The report contains visual representation (such as the clean and infected disk sectors in-memory data structures), allowing rapid and focused threat response. The RDS5201 can also be connected to other network protection systems such as SIEM and threat management systems, offering an early warning mechanism that complements and enhances existing security solutions.
LynxSecure is a "Type-0" hypervisor, which features a new, least privilege architecture that differentiates from type 1 hypervisors by removing the un-needed functionality from the "security sensitive" hypervisor mode. LynxSecure provides the ability to fully virtualize multiple unmodified guest OSs and includes real-time development tools to give developers granular control over hardware platform resources for managing guest OS resource allocation, execution scheduling and intercommunication. By combining the best-of-breed capabilities of the separation kernel technology, virtualization and real-time development tools, LynxSecure provides unmatched capabilities to build advanced integrated solutions on standard commercial-off-the-shelf (COTS) embedded targets.
LynuxWorks, a world leader in the embedded software market, is committed to providing open and reliable RTOS and software tools to embedded developers. The company's LynxOS family of operating systems offers open standards with the highest level of safety and security features, enabling many mission-critical systems in defense, avionics and other industries. The latest product in the portfolio, the award winning LynxSecure offers a secure separation kernel and embedded hypervisor that forms a platform for the development of high-assurance systems. Since it was established in 1988, LynuxWorks has created technology that has been successfully deployed in thousands of designs and millions of products made by leading communications, avionics, aerospace/defense and consumer electronics companies. LynuxWorks' headquarters are located in San Jose, CA. For more information, visit www.lynuxworks.com.
LynuxWorks is a trademark and LynxOS is a registered trademark of LynuxWorks, Inc. Other brand or product names are registered trademarks or trademarks of the respective holders.
The URL for this release is located at: www.lynuxworks.com
Peter van der Sluijs
01 296 628180