Fortify Against Malware

Tamper-Proof Application

Instances of severe malware infections grew 200% in 2007. Viruses, trojans and rootkits were among the worst offenders and applications are the primary target of malware attacks today. Web applications, server applications, client scripts, desktop software and embedded software are all subject to exploits. Enterprises must be vigilant in protecting their information systems. A well-planned and highly agile process is critical because the time it takes for a reported vulnerability to be exploited is decreasing. Today, zero-day attacks – where exploits are released within 24 hours of vulnerability disclosure – are the norm. As a result, enterprises must plan for zero-day patching of their applications to ensure ongoing security against malware attacks.

Challenges and threats from malware attacks include:

• Exploitation of vulnerabilities that exist in software
• Malware targets popular and widespread applications in your organization
• Zero-day exploits sets the clock ticking for finding a solution to immediate manage your risk exposure
• Patches are easily reverse engineered and can be easily defeated
• Today’s compromises are covert with minimal tamper-evidence

While perimeter security measures provide a first line of defense against malware, they are ineffective in isolation. Industry experts recommend that applications themselves must be intrinsically hardened to eliminate vulnerabilities and withstand exploitation.

Compliance regulations, such as PCI, commonly require all application code to be scanned for application vulnerabilities. Although, these software vulnerabilities can and should ideally be fixed at the source code level, the reality of software development indicates otherwise. Specifically, your software development team faces two issues:

• Software development is time and resource constrained, and thus your team is able to address only a percentage of issues with each new release.
• Use of third party software is wholly dependent on your vendors to provide timely security fixes to known vulnerabilities and zero-day exploits.

Security at Work

Arxan’s application hardening technology, GuardIT, comprehensively protects applications against tampering and compromise. It can be applied within hours at the binary level, allowing software vendors to ship secure applications with confidence. Because there is no dependence on source code, enterprises can take charge of their own security, fortifying applications internally until patches are issued by vendors.

In fact, GuardIT application hardening can also be applied to perimeter security layers, such as firewalls and anti-malware solutions – themselves the first target of viruses and worms – to provide deep yet transparent defense against hackers.

Benefits to Developers. Enterprises who develop their applications internally, or vendors of enterprise application software and security software, see the following benefits from GuardIT’s application hardening:

• Hardened applications are very difficult to reverse engineer and tamper, hindering the development of exploits.
• All issues revealed by code scanning tools can be addressed quickly and comprehensively without any source-level changes or developer impact. Vulnerabilities discovered after software has shipped can also be addressed rapidly yet securely, allowing time for complete source-level fixes.
• The ability to build in phone-home measures allows proactive forensic analysis and metric gathering.
• Automated diversification provides additional measures of security for premier clients or high-risk applications.
• Patches can be secured against reverse engineering, preventing such fixes from themselves becoming attack vectors in discovering and exploiting vulnerabilities.

The end result is a significant increase in the quality and security of your application, establishing customer trust and boosting brand value. This improvement is realized without any impact on the development life cycle or application performance.

Benefits to Third Party Software Users. Enterprises using third party software can take control of their own application security using Arxan’s binary-based GuardIT solution. Key benefits include:

• Ability to internally create diversified instances of popular software, reducing or even eliminating exposure to damaging zero-day malware attacks
• Ability to quickly deploy defensive measures when application vulnerabilities are disclosed, securing applications until an official patch is released.
• Ability to embed tamper-evidence into applications, allowing proactive notification of potential breach or compromise to central network monitors. This allows forensics gathering, opportunity to quarantine computers which may have covert malware infections, and generation of metrics on effectiveness of perimeter security measures.
• Binary scanning tools allow enterprises to discover vulnerabilities in third party applications, but enterprises are still dependent on vendors to patch issues at the source level. GuardIT’s binary transformation capabilities empower enterprises to address these vulnerabilities themselves, thus increasing productivity by allowing immediate deployment of needed software applications.

The end result is increased compliance with security and privacy regulations, reduced outage and damages from malware attacks, and ultimately increased customer confidence and brand value.

Security Tool Vendors

Security tool vendors, including anti-malware, secure communication and data management are realizing the value of layering their solution with in-depth fortifying technology. The enhanced security provides:

• Higher value to customers and establishes a differentiating advantage in a fiercely competitive market.
• Greater resilience to attacks ensures durable robustness and prevents adverse publicity from widespread hacks
• Resistance to compromise minimizes the time spent on security patches and maximizes opportunity to build valuable new features