Defining What it Means to Secure Software in Runtime

The most critical and challenging weakness in cybersecurity is the inability to protect applications, or software, at runtime.   

Runtime is a vulnerable blind spot deep within the application infrastructure. Today’s cybersecurity tools still struggle to even see these attacks at this level, much less stop them in their tracks.   

The notorious SolarWinds attack cost nearly a trillion dollars. Accumulating burden of attacks like HafniumColonial Pipeline, PrintNightmare, MS Exchange, McDonald’s, and Kaseya continue to cause exponential damage to business and government.  

What do they all have in common? They were all targets of techniques used to exploit runtime in large software deployments.   

Is runtime protection misunderstood?  

The cybersecurity industry liberally defines what “runtime protection” is, causing confusion that leads to ineffectiveness in ending ransomware, remote code execution, and supply chain poisoning. 

Many vendors’ common claim of “runtime protection” means that other solutions merely spot malicious activity after it has taken place and are taking steps to contain and remediate an exploit.  

Methods such as heuristic analysis, logs, signatures, artificial intelligence, machine learning, and other probabilistic measures can only try to predict what might happen. These technologies do nothing to stop an attack while software is running and even reduce the dwell time of an attacker. Current security tools can reduce dwell time from hours to minutes, but even minutes are too long to stop an attack from occurring. This puts the victim and the security vendor in reaction and remediation mode. 

True runtime protection should make adversary dwell time irrelevant. Organizations must push through the reactive way of thinking about security, and instead, an approach of interdiction—100% prevention before an attack occurs. Virsec is the only company that can achieve zero dwell time because our approach to runtime protection remains deterministic and occurs in milliseconds—or less—for our customers.  

Skeptical or want to learn more? Join Jim Routh and Dave Furneaux on August 24 to discuss why true runtime protection will make cyber-attacks irrelevant.

*** This is a Security Bloggers Network syndicated blog from Virsec Blog authored by Virsec Team. Read the original post at: https://www.virsec.com/blog/securing-software-in-runtime