Thwarting How Attackers Operate
Memory corruption attacks try to trick a software program into running attacker-provided code, instead of programmer-written code. For this to work, the attacker must find vulnerabilities in the software binary code that allow the injection of code and/or the redirection of execution. Alkemist transforms software binaries so that attackers can’t calculate in advance how to successfully execute their code.
What Alkemist Does
RunSafe Security’s Alkemist technology hardens software binaries against memory corruption errors and buffer overflow exploits – the techniques attackers typically use to gain control of embedded systems and devices. Alkemists’s remotely deployable, self-service cyberhardening transformation process can be accessed through a web client or RestAPI. It utilizes the following runtime application self-protection techniques:
- Block-level binary stirring (randomization), which makes each protected system and device functionally identical yet logically unique.
- Control Flow Integrity (CFI) , which protects against Return/Jump Oriented Programming (ROP/JOP) attacks, where existing code is called out of order to become a hacking script. This prevents malware from changing how commands are executed.
- Stack Frame Randomization, which creates stack-level entropy by randomizing the buffer set aside for local variables when functions are instantiated on the stack. This entropy deprives an attacker of the information needed to craft a payload that weaponizes a stack overflow vulnerability.
By precluding an exploit from spreading across multiple devices and networks, Alkemist disrupts hacker economics and shifts the odds in favor of the defender.
Render threats inert by eliminating attack vectors and significantly reducing vulnerabilities.
Unprotected Software Image
- Software Dev Team NOT Security Team
- Must Maintain Patches
- Vulnerable to Zero-Day
- Patented Process
- Binary Randomization
- Control Flow Integrity
- No Source Code Modification
Protected Software Image
- Prevents Malware Proliferation
- Deployed Easily
- Blocks Zero-Day Exploits
- Reduces Attack Vector