Sabbath Ransomware Group: Using Memory-Based Attacks to Evade Detection
Virsec Coverage for Nist Sp 800-53
Standards like NIST SP 800-53 Revision 5 help federal and commercial organizations implement appropriate security controls to ensure optimum protection of information systems. This document outlines the wide range of NIST 800-53 security controls and enhancements that the Virsec Security Platform (VSP) supports.
VSP provides effective compensating controls that minimize risk to complex composite systems and un-patchable legacy technologies vulnerable to threats targeting memory, OS functions, file systems, and libraries. It addresses runtime environments where immediate detection and mitigation of the threat is required, without prior knowledge.
VSP focuses on ensuring code integrity instead of using policies to identify known malicious behaviors or exploits. It maintains clear insight into the entire application stack including interpreted code, compiled applications, libraries, interpreter responses, and database interactions.
VSP technology deploys in close proximity to the application to monitor and secure application components continuously. It maps known and predictable application activity to deterministically protect systems, components, files, and memory during runtime and takes immediate action when there is a deviation. With near 100% accuracy in attack detection, it eliminates false positives enabling automatic runtime response.