STERNUM EIV

Embedded Integrity Verification

Proactive integrity-based attack prevention embedded automatically into the entire device’s code, including closed-source code, commercial operating systems and 3rd party libraries.

 
 
 
Sternufm Deck - May 2019_2_05122019NT.jpg

LET'S ATTACK A DEVICE...


Every cyber attack consists of four main stages an attacker must take when heading to its goal

  • 50%

    Vulnerability

  • Stage 01 - flaw in a system
    Existing solutions for securing devices focus on identify and patch vulnerabilities; or identify malware in a managed network without protecting the device itself. With the endless new CVE’s discovered each day and with 3rd party closed-source components embedded into every IoT device, we find it impossible to rely on identifying and patching all existing vulnerabilities within a device. Some flaw in the system will always exist.
  • 80%

    Exploit

  • Stage 02 - "weaponized" code taking advantage of vulnerabilities to manipulate system behavior
    In comparison to passively try to patch vulnerabilities, EIV apply proactive protection into the embedded device, which takes place during real-time execution and across the device’s code and lifecycle to prevent different kinds of cyber-attacks immediately, at the exploitation stage.

    EIV identifies the manipulations caused by the exploit, thus agnostic to the exploited vulnerability.

  • 60%

    Shellcode

  • Stage 03 - Instructions code injected into a running application to download or run a malware
    While there is a wide variety of different vulnerabilities and malwares, an exploitation of an IoT device can be narrowed down into a small set of sophisticated steps that an attacker must take in order to exploit devices during real-time execution. These steps affect the device’s integrity and behavior. Sternum EIV prevents the attacker from taking these steps by verifying at all times that the integrity of the device remains intact and prevents any malicious operation from happening within the device.
  • 70%

    Malware

  • Stage 04 - Malicious code spies on or damages a system

    Focusing on the exploitations stage, it is possible to prevent the attack before any malware or malicious code were able to execute. This is what makes EIV so powerful in securing the devices themselves, comparing to securing the network against malwares.

EIV provides cutting-edge integrity-based attack prevention to your device and can be deployed to any IoT device, including distributed and unmanaged IoT devices that are low on resources.

KEY FEATURES

sternumiconsEIV-08.png

Real-time protection

Operating on the device, protecting all potential risk areas against techniques that other solutions can’t even detect

sternumiconsEIV-06.png

Sustainable and scalable

When new code is added, even from third-party libraries, EIV’s full protection is maintained

sternumiconsEIV-07.png

Low footprint

Optimized for minimal consumption of resources, and doesn’t change the device’s behavior or performance

sternumiconsEIV-05.png

Exceptional success rates

EIV has 96.5% success in prevention of dynamic memory-corruption based exploitation (tested with RIPE)

 

Sternum EIV Protects Against Most Major IoT Threats