Karamba Security

Best wishes for a sweet year, full of good news and blessings, and for success and happiness for all our clients, partners and friends.

We were excited to take part in the Indian Automotive Component Manufacturers Association (ACMA) annual event in New Delhi. The Indian automotive industry is ramping up swiftly, thanks to local talent and global expansion. The need to meet cybersecurity regulations has resulted in significant traction for Karamba Security among Indian OEMs and tier-1 suppliers.

Addressing Cyber Defense Magazine's request, Tal Ben-David has authored an article about the benefits of deterministic security, especially in mission-critical IoT devices and applications. The article was published in a timely manner, after August 27th's Washington Post report (https://lnkd.in/dUuimsjC) and a Lumen Technologies blog post (https://lnkd.in/dmUi5m9w) describe how Chinese hackers, specifically the state-sponsored group known as Volt Typhoon, have been exploiting a zero-day vulnerability in Versa Director, a software platform widely used by Internet Service Providers (ISPs) and Managed Service Providers (MSPs) to manage SD-WAN infrastructure. A deterministic security control (e.g., Allow List of binaries) would have blocked the vulnerability exploitation, as it would have prevented the malicious files from being executed, identifying them as foreign code: i.e., malware. Read the article via our September 3 posting here: https://bit.ly/3Zx4gMK Sign-up to the magazine is required.

Last week, Karamba participated in Shanghai's AutoCS trade show. The event targets OEMs and Tier-1s aspiring to meet the ISO/SAE 21434, and the Chinese regulation, GB Standards for Vehicle Cybersecurity, which was ratified recently. Our partners at IoTSafe represented us and demonstrated how Karamba's products enable OEMs and suppliers to comply with the regulations without interfering with R&D or delaying their time-to-market.

As reflected in recent FDA regulations, there is a heightened concern among HMOs and medical device manufacturers (MDMs) about medical devices becoming back doors for hackers, to infiltrate hospital networks, perform ransomware attacks, and gain access to sensitive patient records.   As shown in recent customer traction, XGuard enables MDMs to take a proactive approach by embedding security controls directly into device firmware. This approach hardens systems at the binary level, creating self-protected devices that address FDA requirements by hardening the device and significantly reducing the need for urgent patches. XGuard’s deterministic solution mitigates the risk of known vulnerabilities, to help streamline product roll-outs and maintenance processes. This means fewer interruptions and more focus on innovation. For a deeper dive into how XGuard can enhance your security posture, explore our latest white paper here: https://bit.ly/4gudrnw

Introducing XGuard Bolt-On Security for IoT Devices XGuard's new bolt-on capability enables device manufacturers to harden their device firmware as-is, without needing to rebuild the software image. The security controls that are added seamlessly to the device are: **Binary allow list:** Run only legitimate software; detect and prevent malware from running.  **Mandatory Access Control:** Restrict file operations and ensure specific files are only accessible by authorized applications. Protect sensitive data from leakage and meet GDPR, FDA, and CRA regulations.  **Behavioral Monitoring:** Detect ransomware, brute force password hacking, command injection and more. Click the following link and download a white paper to learn more about these security features and how to add them as bolt-on to your IoT device: https://bit.ly/4ghXdNR #IoTSecurity #CyberSecurity #DeviceProtection #TechInnovation #SecurityControls #FirmwareSecurity #BoltOnSecurity

Last week we announced XGuard's extension that enables Secure Boot for Containers. This world-first innovation addresses a critical vulnerability in IoT devices and automotive firmware by ensuring that locally-stored container images are validated before they are instantiated. To learn more, request our detailed paper on Container Authentication at https://bit.ly/4eakYpr.

We mourn the loss of six precious young people murdered by Hamas, and we hope that the war can end so that loss of additional lives on both sides of the conflict is prevented. Waiting to see our remaining hostages returning home.

CrowdStrike global outage has shown inherent weaknesses caused by constantly changing Endpoint Detection and Response (EDR). Mission-critical applications that run as closed, predictable systems such as airport and hospital servers, vehicle systems, and medical devices should be hardened to ensure they only run authorized programs and deterministically prevent any foreign code from executing. As a result, deterministic embedded cybersecurity solutions enable securing IoT and closed-systems servers without being exposed to CrowdStrike-like business continuity risks. Read more about the deterministic approach, on our blog: https://bit.ly/4ft55vz #EDR #globaloutage #IoT #cybersecurity #deterministicapproach #deterministicprotection

CrowdStrike’s recent outage was caused due to an update software bug. The constantly-updated EDR model is prone to bugs, which risk business continuity as happened last Friday. Ami Dotan, our CEO and Co-Founder shared that day how a deterministic security model enables to harden the endpoint, against foreign code (i.e. malware) without requiring updates and bug risks. #CyberSecurity #EndpointSecurity #AutonomousProtection #PatchManagement #RealTimeMonitoring