Organizations in every industry and at every level of government face more cyberattacks each day. According to Ponemon Institute’s recent research, 68 percent of organizations note an increased frequency of attacks against their endpoints. Often, these threats are zero days, fileless attacks, in-memory exploits, and evasive malware designed to circumvent antivirus and endpoint detection and response solutions.
We designed the Morphisec Unified Threat Prevention Platform with the goal of preventing the types of attacks that bypass antivirus and EDR. Built with the principles of moving target defense in mind, the Morphisec platform morphs application memory to change the attack surface from a static to a dynamic target. At a fundamental level, this means that we remove the biggest advantage -- a static target -- from the adversary’s arsenal. By creating a dynamic target, we prevent attackers from breaching your systems in the first place.
Today, I’m proud to announce the release of version 4.0 of the Morphisec platform. In this latest version, we’ve added powerful new features that empower your lean security team to protect the organization from advanced evasive malware and fileless attacks, such as:
- Threat prevention for the Linux operating system
- Executive reporting to enable security benchmarking
- Increased management capabilities for managed security services providers
- Expanded protection mechanisms
Advanced Threat Prevention for Linux
With Linux powering the servers that run 90 percent of public cloud workloads in the world, the Linux kernel, once considered secure, has increasingly been the target of zero days and sophisticated cyberattacks. Attacks targeting the platform are becoming more frequent, more sophisticated and more dangerous. However, as quickly as security researchers discover and publish indicators for Linux threats, attackers change their tools and techniques in order to evade detection, with the goal of moving laterally into mission-critical application servers.
To reduce the risk to their Linux servers, companies of all sizes have protected themselves with client-grade endpoint security technology or by whitelisting with application controls. Rather than reduce risk, this has created a false sense of security and still left the organization open to advanced attacks going after system memory. This is why Morphisec has extended its Moving Target Defense technology to the Linux OS with Morphisec Threat Protection for Linux.
With the expansion of Morphisec’s moving target defense technology to the Linux operating system, we now secure this critical system against fileless attacks, evasive malware, shellcode injections, and zero days. A few of the Linux-based threats we prevent are:
- The Linux-targeted ExtraBacon exploit
- The Google Project Zero Linux kernel bug CVE-2018-7182
- The Golang-based Spreader recently used in a cryptojacking campaign
- The QNAPCrypt ransomware attack that targeted Linux-based file storage systems (NAS servers)
- Silex malware
- New Mirai variants
- Attacks on Monero and various cryptocurrency mining malware such as Skidmap
- Botnets such as Roboto and Mozi (Hajime), a DHT botnet
- Rats such as Dacls
Based on the same technology that secures Windows servers and Windows endpoints, our Threat Prevention for Linux solution is integrated directly into the Morphisec Security Center. This empowers lean security teams with visibility across the organization, regardless of whether they’re investigating an attack against a Windows or Linux system.
Extending the Value of the Morphisec Platform
Within version 4.0 of the Morphisec Unified Threat Prevention Platform is a powerful reporting feature that allows you to graphically showcase the attacks that have been blocked and benchmark yourself against global trends. This data is incredibly powerful to surface, especially for security professionals who need to show the value of their stack.
We’re also offering new features for managed security services providers who must provide cybersecurity services to multiple customers. MSSPs now will have the use of our full range of protectors -- endpoints, servers, and virtual desktop infrastructure -- as well as insight in their customers’ Microsoft Defender AV products. This full visibility into the attack chain empowers MSSPs with the ability to better provide their crucial services.
The Least You Need to Know
Adversaries are only going to keep trying to leverage new ways to breach corporate and government systems. We’re going to keep improving the Morphisec Unified Threat Prevention Platform to ensure the security of your endpoints, servers, cloud workloads, virtual desktop infrastructure, and much more. We’re excited to offer you the expanded protection of our platform into Linux and beyond, and hope to continue serving as your defense against the most damaging cyberattacks now and in the future.