Following the Code:
A First Principles Approach to Stopping Cyber Attacks
In 2008, traditional security tools were poorly handling polymorphic worms such as Slammer and Conficker. Anti-virus companies were releasing new signatures every 10 minutes for each polymorphed variant, but the Slammer worm – and the trail of destruction left in its wake — continued to grow in intensity. Satya Gupta, now Virsec Cofounder and Chief Technology Officer, began investigating how a worm and other vulnerabilities made its way into an enterprise’s data center.
When targeting compiled applications, attackers send shell code into the vulnerable application to gain execution control and to execute the shell code. By finding out precisely when the application starts executing non-developer provided code, it is possible to stop the attacker from gaining execution control.
When targeting interpreted web applications, attackers send maliciously crafted web requests. A vulnerable application turns some part of the web request into code targeted at a downstream interpreter such as the SQL interpreter, the OS Command Interpreter, Java interpreter etc. By finding out precisely when the code generated by the application has been influenced by the attacker, it is possible to stop the attacker from gaining execution control.
By decomposing the applications that the server expected to run legitimately, it is possible to enumerate and therefore block the execution of any other illegitimate and malicious executables. This approach will prevent a vast swath of malware-driven attacks.
From Concept to Company
In 2017, the Virsec technology focused only on memory protection. After conducting proof of concept deployments with a few marquee companies to garner feedback, the company quickly recognized that we needed to protect memory, host, and web.
In 2018, Virsec closed on Series B funding ($24M). In late 2019, Virsec entered the market with a full-stack solution, Deterministic Protection Platform (DPP), formerly Virsec Security Platform (VSP) version 1.0, which began selling in late 2019. Our earliest customers were international government agencies and companies, whose feedback helped shape the platform offerings.
During 2020, Virsec Cofounder Dave Furneaux joined the company as CEO. The technology continued to mature, and the company expanded the platform to protect a wider set of applications. We continued to improve and expand our capabilities to support workloads that run in the cloud infrastructure, virtual machines, and containers. In April 2021, VSP 2.0 was released, and the company closed Series C funding ($100M) in July 2021. As of January 2022, Virsec has been awarded 60 patents for its First Principles approach to security.