How We're Changing The
Economics Of Security
When Joe Saunders (CEO) & Doug Britton (CTO) met, Joe was advising startups on how to become high-growth companies and Doug was leading world-class security research for organizations.
After a passionate conversation about “Why we keep pouring millions of dollars into network perimeter defenses even though, over the past 20 years, we keep seeing that bad actors still get in” they both realized how extensive a problem it was. In short, despite our collective best efforts, attackers had the advantage across all of critical infrastructure & enterprise IT systems.
Joe & Doug shared a fundamental desire to shift the economics back in the favor of the defender.
The trigger to act was when the Department of Defense asked them a fundamental question: “If you assume the supply chain has been compromised, how do you still deploy secure software?” More specifically, “If you have a fleet of 100 drones and one is compromised, is it possible to stop the attacker from replicate that same attack across all drones?”
“With that, we figured out a way to make each drone functionally identical but logically unique,” says Joe.
This early success was an eye-opener for them as they started to realize the potential of implementing this same innovation to all software, across all systems in a huge variety of settings. That’s how RunSafe, and its immunization technology, was born.
However, as exciting as the technology was, people were still apprehensive to adopt it out of intimidation of its potential complexity to deploy.
“It wasn’t just good enough to have amazing engineered software. We had to also make it easy for people to adopt.”
So Joe & Doug packaged the “Alkemist” capabilities for the 3 most common use cases. Alkemist:Code for dropping security into the code at build time. Alkemist:Repo for downloading protected versions of open source software packages. And Alkemist:Flare for flagging instabilities and vulnerabilities at runtime.
Since then RunSafe has immunized hundreds of code bases and millions of devices across the globe – changing the economics of security.
Before RunSafe, attackers could analyze one instance and build a reliable exploit for all deployments of that software. After RunSafe, it becomes economically inefficient and operationally infeasible for attackers to build a reliable exploit.