Small Business Innovation Research Program Provides Seed Funding for R&D to the Most Promising Industrial Innovation Solutions
OnSystem Defender is focused on applications, where all current endpoint security products are routinely turned off or otherwise bypassed by attackers. The Phase 1 project funded by the NSF focuses on stopping and/or detecting hidden malware regardless of how it gets into an application (0-day, unpatched, supply chain attack, etc.) or how it changes its behavior once inside an application. The project result overcomes the fundamental technical flaw in current solutions – attempting to enforce least privilege mechanisms from outside applications – by delivering a solution that operates within the application where it can see and act upon malicious code.
Many endpoint security products load code inside of popular applications (for example, browsers and office suites) to monitor for previously seen indicators of compromise while the code is executing. Attackers, however, quickly found ways to bypass this type of protection by:
- Finding and publishing ways of getting around each of these indicators of compromise.
- Turning off the protection engine loaded inside of each application, thus making it unable to perform security checks, rendering it useless.
The OnSystem Defender (OSD) solution recognized by the NSF has been designed to SOLVE the above problems, delivering a depth and range of benefits to organizations of all types. OSD loads its protection engine, designed as an unbypassable reference monitor, inside of every application on an endpoint. It learns legitimate code paths an application uses to access resources like dynamic code, without which stealthy malware cannot successfully execute, and enforces them at runtime. These behaviors are learned while applications run normally on customer endpoints in a crowd-sourced fashion or in the QA lab of a software maker during normal QA cycles. OSD has already learned the behavior of virtually all Windows applications over the past 2.5 years in actual customer environments. OSD runs silently and with virtually no performance impact on any Windows endpoint. OSD is trivial to roll out by operations groups and does not take action or generate events unless an actual application misbehavior is detected.
“Current techniques for protecting applications and endpoints fail to address the most malicious software that targets applications’ weaknesses to gain access to valuable systems and data,” said TJ Tajalli, CEO and Founder of OnSystem Logic. “The OnSystem Defender solution protects individual data and corporate assets in all types of organizations, including organizations running operational technology vulnerable to cyberattacks. Wide adoption will boost application and endpoint security, significantly reducing the worldwide problem posed by the continuing rise in successful malware attacks.”
About the NSF’s Small Business Programs: America’s Seed Fund powered by NSF awards $200 million annually to startups and small businesses, transforming scientific discovery into products and services with commercial and societal impact. Startups working across almost all areas of science and technology can receive up to $2 million to support research and development (R&D), helping de-risk technology for commercial success. America’s Seed Fund is congressionally mandated through the Small Business Innovation Research (SBIR) program. The NSF is an independent federal agency with a budget of about $8.5 billion that supports fundamental research and education across all fields of science and engineering. For more information, visit seedfund.nsf.gov.
About OnSystem Logic: OnSystem Logic is a security software start-up in the greater Washington, DC metropolitan area. The OnSystem Logic team developed OnSystem Defender, a best-in-class standalone application hardening and security assurance product. The unique approach, technology and product offer organizations the best available protection against harmful malware and application flaws in completely standalone and air-gapped environments. Applications are now the new perimeter and have become the last frontier in malware protection, which is where all current endpoint security products are routinely turned off or otherwise bypassed by attackers. OnSystem Logic’s patent-pending In-Memory Application Reference Monitor is designed to be tamper-proof to the highest levels of reverse engineering methods known to date. For more information, visit www.onsystemlogic.com.
For more information:
Contact: T.J. Tajalli
Email: [email protected]