It wasn’t that long ago that endpoint security was viewed as an afterthought (and some might argue that for a lot of folks, it still is). As enterprises and security managers scrambled to shore up the perimeter defenses and protect the corporate network, it felt like attending to the security needs of client devices fell further down the priority list until some punted on it entirely.
But with the rise of mobile devices and BYOD, not to mention growing adoption of cloud applications and SaaS offerings, the importance of endpoint security is coming back into focus. And that’s a good thing for Morphisec, an Israeli security startup that specializes in what’s known as “moving target defense.”
Morphisec CEO Ronen Yehoshua said his company uses “a new kind of prevention technology” that uses polymorphism to confuse would-be attackers. In other words, Morphisec’s Endpoint Protector technology disguises the true nature of a device by making it appear differently than it actually is; the product randomly changes information about a device and its applications — without modifying the underlying structure of the OS or applications – to confuse hackers and cybercriminals.
As a result, Yehoshua said, attackers will spin their wheels devising malware for a fictitious device profile only to find the malicious code they developed doesn’t work on the target. There are other features of Endpoint Protector, such as “contextual forensics” for increased visibility of attacks, but the moving target defense is the big differentiator.
Yehoshua said Morphisec developed its technology with the aim of lessening the burden of defending endpoint devices by giving enterprises the ability to be proactive and fool attackers. “Companies are struggling, and the never-ending patching cycle is hard to keep up with. The software patches and the software itself keep getting bigger and bigger,” he said. “This is a simple way to prevent attacks on the endpoint by fooling the attackers.”
In addition, Yehoshua said he doesn’t believe enterprises should concede endpoint devices to attackers because many catastrophic breaches start with an attack on a single user in an effort to steal account credentials and gain access to enterprise infrastructure. “People understand now that to stop an advanced attack, you have to protect the endpoint,” he said.
Morphisec’s Endpoint Protector is currently in beta stage with customers, and the company expects it to be generally available at RSA Conference 2016 in early March.