Digital Immunity is the only solution to protect trusted processes in memory at runtime preventing the execution of malware attacks before the damage is done while providing rich forensics in context.

• No patch fatigue
• No false positives, the code is good or bad
• No exposing your critical data in the cloud for analysis
• Action oriented dashboard let’s you become a security operator
• Automated reporting goes beyond compliance audits to serve business needs


Applications are the new perimeter. Digital Immunity delivers self contained endpoint security.

You can’t keep up with the Cyber Warfare. Now you don’t have to.

The Problem

The attackers are winning. It is impossible for any other method to keep pace with ever changing malware attacks.

Just look at the news.

AntiVirus/AntiMalware software can’t keep up. There are too many new vulnerabilities both known and unknown.

Behavorial, machine-learning and AI based systems still have to learn. These attacks are moving targets. Think about it, would you rather try to guess if youre under attack or know of an attempted attack. The high number of false positives create alert fatigue and unknown threats lurk where cloud based analysis open new windows of risk and expose data.  These systems are smarter at guessing what’s bad, but they are still guessing.

Are the bad guys getting smarter? Yes! The evolving threats are changing the game. The proliferation of devices we must protect – sensors, compute nodes, embedded systems – that can no longer be directly supervised make the task even more daunting. The failure of other solutions is often silent. This silent failure goes undetected until it’s too late.

Digital Immunity takes a completely deterministic approach that tackles both loud and silent attacks. We know what’s good, and everything else is bad.

Finally, a proactive security model with the precision required to become operational and go on the offensive.

Put an end to guess work, patches and temporary band-aids.

About Digital Immunity

Digital Immunity doesn’t just protect your organization, we protect your sanity.

We have one mission; to give you complete confidence in the security of your endpoint devices without a heavy administrative overhead. Our lightweight sensor runs in the kernel to ensure protection and uses less that 1% of CPU.

Our patented Digital DNA Mapping technology stops advanced threats including APTs and zero-day attacks from executing in memory at runtime by hardening your operating systems and related applications. You get peace of mind and ease of maintaining your environment with minimal overhead expenditures.

We know it’s hard to believe so let us show you it works.

Why We’re Different

You have a choice to make. Unlock critical visibility into your environment, allowing you to proactively act rather than constantly chasing threats, every hour of every day.

With Digital Immunity’s DNA mapping, even thousands of applications, takes hours. Fighting dynamic unknown threats, the old way – by identifying what’s bad – is a daily uphill battle no one wins.

Thousands of application maps or millions of unknown attacks. We think the choice is obvious and easy to deploy.

Digital Immunity is the only approach that:

  • Prevents the execution of malware attacks by protecting the integrity of granular, binary code in memory at run time  before the damage is done
  • Ensures continuous run time protection on every endpoint for known and unknown threats
  • Eliminate the urgency for installing “patches” as new threats are identified and provide realtime visibility into attempted attacks through actionable alerts
  • Delivers push-button detailed forensic  artifacts, in context, exposing malicious code and vulnerabilities whether known or unknown

Pharmaceutical Manufacturing

Every software change you make, even those to patch for security vulnerabilities, triggers a validation process. It’s tedious to address. And that’s not the worst part. The process takes time, and while you are waiting for approvals, security vulnerabilities put your organization at risk. Digital Immunity eliminates the need for security related patches so you can focus on business process improvements and say good-bye to constant patch updates. An initiative lead by business unit leaders.

Protect Critical Digital Assets

Your business can’t afford to lose sensitive customer data – passport numbers, credit card data, birth dates, social security numbers – require heavy guarding. Cyber criminals continuously look for vulnerabilities in your operating systems and applications and exploit them, providing a gateway to your data. Insufficient security both where data is stored and when it is being accessed creates risk. Digital Immunity gives you confidence.

Compliance Reporting

Sometimes the hardest part of administering security practices is producing reports that meet strict compliance standards. Digital Immunity makes easy work of audit and reporting.

Legacy Windows Protection

In an ideal world your entire organization would always be on the current version of software, but we don’t live in a fantasy world. Many of your endpoints are on outdated Windows operating systems which are no longer supported by many security vendors. Digital Immunity provides full and durable protection for all your legacy windows environments.

Our Products

Digital Immunity Protect & Digital Immunity Server Protect

Digital Immunity detects and thwarts attempts to execute rogue code before it runs. Once the threat is stopped, Digital Immunity provides detailed forensics related to process execution, including logging every out of sequence instruction related to an attempted attack.

We leverage binary code from trusted operating systems and related applications and using the sequence of invariants of the code, create an alternate digital representation of the code, called DNA Maps. Akin to DNA sequencing in biology, Digital Immunity DNA mapping can be applied to operating systems and applications, including containers, micro services, IoT devices, systems residing on-premises, or in the cloud (any cloud). These maps guarantee that any run-time deviation from correct operation, whether due to insertion, deletion, or alteration, will be detected and stopped.

The DNA Maps are then stored and a lightweight Sensor which runs in the Kernel is pushed out to endpoints.

As code launches, executes and exits, the sensor will conduct continuous run-time protection verifying the integrity of code when most vulnerable, In-Memory. Any attempt to tamper with code or introduce any foreign or malicious code will be detected and prevented from executing before any damage is done.

The Sensor will also capture rich forensic artifacts in context and present them though the DI Console. The approach is deterministic in nature. We are not analyzing files or exposing confidential data in the cloud to determine if something is bad. Instead, we know what is good and we protect it.

We offer two products for maximum protection. Digital Immunity Protect is installed on endpoints (laptops, desktops, etc) and Digital Immunity Servder Protect is installed on virtual or physical servers.

Product Components

The Digital Immunity engine analyzes OS kernel binaries, drivers, applications, and supporting files like DLLs and creates a digital map of each item. The Digital Immunity engine has three primary components:

DNA Generator

Analyzes software components of the system prior to first use, extracts the digital DNA, and publishes each component’s map to the Map Manager to protect both commercial off the shelf software, and custom developed code.

DNA Sensor

Deployed on the endpoint to provide continuous enforcement of the software integrity in the runtime system. It uses the DNA maps for detection of foreign, unexpected code. When an attack is discovered, the offending process is terminated or allowed to continue (depending on the defined policy), forensic details are captured, and an alert is sent to the security administrator.

DNA Control Center

A proprietary database created on a virtual system that holds all the details of the good software mappings for applications mapped in the scope of coverage of its environment. The DNA Sensor requests copies of the maps relevant to the endpoint it resides on to validate all process execution at the local level. This means DI operates even if network connectivity to the manager is not available, as long as the request for maps was successful in the past. The Digital Immunity DNA Map Manager/Control Center is available as a virtual appliance.

We’re not application whitelisting, we’re better.

When you read about Digital Immunity’s product you are going to be tempted to label us as an application whitelisting product.

Application whitelisting does a better job of securing your environment than blacklisting approaches but:

  • They can’t prevent attacks: including memory injection, interpreted code and shell code (java, macros and kernel level attacks)
  • They are time consuming
  • Disruptive to your operation
  • They do not provide run time protection, nor do they deliver detailed forensics artifacts
  • Digital Immunity provides all the benefits of application whitelisting and more, without the administrative overhead

Digital Immunity provides continuous visibility into operating systems and applications running in your dynamic environment across your enterprise, so you can take proactive measures to protect your business. We’re not application whitelisting, we’re better.

Benefits

The Application is the New Perimeter

The enterprise network has become increasingly complex as the perimeter has expanded beyond the desktop and servers, with applications and users everywhere. Mobile and cloud based applications continue to drive demand for anytime, anywhere access. The application is the new perimeter, and ensuring computational integrity is security’s next great achievement.

Unique Deterministic Detection

A Digital DNA Map of each function within an application is created, generated from a known, trusted source. Published to the Map Manager and provisioned to each Endpoint, Digital Immunity works in real-time, continually monitoring that the applications haven’t been modified in memory. Deep granular data retention on kernel-level activity meets compliance standards and provides actionable, real-time defense. A DNA Sensor kernel driver is installed on each Endpoint, delivering a lightweight approach that does not rely on complex, resource intensive, constant data collection. Our unique deterministic detection and prevention method does not involve signatures, hashes, behavioral analytics, predictive analysis, big data or machine learning.

Bioinformatics Methodology Conquers Current Industry Limitations

Protected by three patent family filings, Digital Immunity’s bioinformatics methodology is called Digital DNA Mapping, which validates the DNA executable code at the individual function level. No changes or additions to the source or executable code are required, and this perfectly secure technique avoids the high computational cost of repetitive run-time re-computation of cryptographic signatures or hashes. This methodology enables “adaptive immunity” for foreign code. Through high performance and strong forensics, Digital Immunity maintains an analog of immunological memory on each Endpoint that identifies running software as trusted or untrusted, without resource-intensive behavioral or cryptographic techniques, hash codes or signatures.

Easy to Deploy & Administer

No false positive or negatives eliminates alert fatigue. Traditionally A/V, security type products are difficult to deploy and maintain. Our engineers have gone to great lengths to build in sophisticated deployment and management techniques that make the Digital Immunity a product you will not have to babysit all day.

“Before deploying Digital Immunity I thought it would take weeks to map all 22,000 applications. I had visions of late nights, weekends and a lot of disruption. But I was wrong. It took only a matter of hours over one weekend for everything to me mapped and ready for protection. Better yet, the hours each week I was spending patching our systems against security leaks has been eliminated. I’ve gotten so much time back to focus on business imperatives.” Nicole Woods – IDS

Complete Visibility

You can’t protect what you don’t know is happening. Digital Immunity surfaces complete visibility into the applications being used by your employees across all devices.

Transform Your Team into Security Operators

Most approaches to security keep your team in constant scramble mode, but not with Digital Immunity. Digital Immunity allows you to create risk-based profiles and then act upon alerts within your business context. When the system finds a threat you can instantly switch from alert to terminate mode on the fly.

Features

Verifies in Memory

Verifies the integrity of executing code throughout the runtime lifecycle

  • Viruses and Malware are only effective when they can run. By monitoring every app and service in memory we are able to prevent them from infecting a network

Prevention

Any attempt to execute malicious code is prevented before it starts

  • Alert or Alert and Terminate on any foreign or malicious attacks
  • Capture deep forensic information about attack and origin

Detection

Detects attempted execution of foreign and injected software

  • Provides immediate Endpoint vaccination, including already infected Endpoints
  • Prevents future infections with continuous runtime Endpoint surveillance
  • Captures malicious instruction sequences as forensic information

Ease of Deployment

  • Automated deployment in hours
  • No special skills required
  • Low total cost of ownership

Want to give Digital Immunity a try? Click here for more information and to request a software demo.