RESTON VIRGINIA, August 29, 2019. StealthPath, Inc. announces their receipt of a patent for implementation of a proprietary identifier to secure communications from “man in the middle” attacks, i.e. the circumstance where a hostile intermediary inserts itself between two valid entities and monitors or alters their communications. Encryption prevents ordinary eavesdropping/insertion but can be compromised if the attacker gains access to a users key. Exchanging keys is a standard process, and hence vulnerable to third party interception. StealthPath’s innovation is to provide an independent form of identification for every entity, application, and message, which is maintained separately on the StealthPath platform and used to validate connections via a separate process. from the communications . Unless the connection is validated with this ID, it is blocked. “The value of multi-factor identification has been recognized for a long time,” says StealthPath President Russ Berkoff. “Our contribution is extending the approach to endpoint connections.”
It is all part StealthPath’s mission to quickly delivers Zero Trust security best practices to IoT and other devices without changing the application software or networking infrastructure supporting them, and without impacting performance. “Zero Trust means that every connection needs to be challenged and verified,” says StealthPath President Russ Berkoff. “Even those already inside the network perimeter. To do that, we need a robust and efficient method of identifying each entity at operational speed.”
This patent is the latest addition to StealthPath’s core IP, purpose-built to secure the ever-expanding universe of connected smart devices. The journey to implementation is a three-step process, starting with Monitoring, creating a complete inventory of users, applications, devices, and connections. This is used to create a “whitelist” of approved entities and behaviors exportable to standard and next-generation firewalls. The next step, Alert, generates proprietary alarms or integrates with leading SIEM solutions. The final phase is a complete, Zero Trust solution that constrains edge devices to approved connections.
“While Zero Trust security is ultimate goal,” says Berkoff. “Not every customer is ready to go there, and they may not want or need to lock down every system. Our mission is to make it easier for them to set their protection at the point at the level they need. This means building business value on existing investment, meet compliance mandates while providing the capability to evolve to a fully Zero Trust future. .”
About StealthPath
StealthPath (www.stealthpath.com) is an endpoint-first cybersecurity solution to addressing critical vulnerabilities of IoT and smart endpoint devices. Its global patent-pending platform approach provides a range of benefits, from developing a complete user, application, and device inventory for firewall configuration to implementing a “zero-trust” solution at the protocol/message level, ensuring that device access, port utilization, protocols, and messages are consistent with intended functionality. The complete solution has the game-changing capability to stop exploits before they can laterally spread or do damage, eliminating zero-day and other OS and application vulnerabilities. In the process, it also increases operational stability by eliminating accidental events caused by software failure or human error. The solution footprint is minimally disruptive, with frictionless implementation complementing existing applications and processes. For more information, contact: info@stealthpath.com.