K2 Cyber Security, based in Silicon Valley, has emerged from stealth mode with a technology that prevents zero-day attacks by monitoring the performance of the app in the cloud. K2 can create an execution map for each application and can stop the application if malware hijacks it.
“That’s not been done before,” says Pravin Madhani, CEO and co-founder of K2. “Because it’s very hard to do. For each application, we can create an execution map in minutes and monitor it in real time. No false positives exist.”
Zero-day attacks exploit an unknown weakness in business systems and can generate many false alerts. K2’s approach means that any zero-day attack can be stopped, because the attack would generate a signal outside the app’s execution map.
K2 can carry out operational controls to prevent malware from changing the execution of an app, known as optimized control flow integrity (CFI), and this also applies to microservices used in the company’s public and private clouds. Madhani says this deterministic approach is unique in the industry. In order to protect its IP, K2 has filed seven patents.
Traditional CFI approaches have relied on identifying potentially malicious actions, which in combination can be almost infinite, so detection is hit-and-miss. They also impose significant IT performance overheads and may require additional hardware. K2’s approach is to focus only on monitoring the implementation of the application as it has been designed and validating actions on the basis of its unique analysis of the app.
K2 offers two modules: the Prevent module detects zero-day attacks in real time; the Segment module isolates workloads in the cloud and assigns them unique cryptographic identities before they can communicate. This prevents lateral movement of malware in hybrid cloud IT environments.
Zero-day attacks and unpatched systems are vulnerabilities that hackers have often exploited. Current cyber security systems rely on detecting the malware’s behavior or signatures, but this generates a large number of false alerts, keeping security teams tied up investigating too many incidents.