Seamlessly-applied Device Security
and Unsupervised Machine Learning
Karamba XGuard:
Seamless Embedded Security
Karamba Security’s XGuard is an integrated solution of embedded software agents and a cloud-based backend. XGuard agents deterministically prevent malware and fileless attacks. The backend engine detects anomalous behavior and provides proactive alerts about suspicious devices.
Seamless Integration
XGuard agents are integrated as part of the firmware build toolchain. No source code is required, development processes are untapped, and the agent is seamlessly integrated with the product binaries.
Verification & validation are likewise unchanged. The product software image is tested with XGuard embedded into it, without requiring changes to test plans, as XGuard’s addition doesn’t change product functionality.
XGuard Agent: Negligible Performance Overhead
The XGuard embedded agent is designed for embedded systems, with low CPU and memory consumption. The agent takes up to 5% CPU overhead, 5% memory size, and about 10% of the flash size.
The agent local analysis and payload optimization reduce device traffic to the backend by 90%.
XGuard Backend: Unsupervised Machine Learning
XGuard’s backend has a set of predefined monitored behaviors but it also observes a huge number of events across the entire fleet and uses adaptive unsupervised machine learning to find anomalies that indicate threats. This allows Security Operations Center (SOC) teams to investigate highlighted anomalies and determine incidents and root cause.
XGuard automatically adjusts to a wide variety of device and fleet behaviors without requiring any user intervention.
Broad Threat Coverage
XGuard software enables OEMs and device manufacturers to assure their customers a high level of protection against cyberattacks.
- Malware is deterministically detected as foreign code, which wasn’t part of the original build, and is prevented from executing.
- Fileless attacks, which exploit in-memory vulnerabilities such as buffer overflow, are deterministically detected and prevented automatically by utilizing Karamba’s patented Control Flow Integrity (CFI).
- The backend analytics engine points at a significant number of hacking attempts such as password guessing, privacy violations, and rogue devices.
ISO21434 and UNECE R155 Compliance
Software Integrity, security event logging and an update mechanism form the cornerstone of many cyber-related regulations in various industries.
Automotive OEMs and suppliers, who must meet the ISO21434 and UNECE R155 cybersecurity standards, use XGuard as for achieving compliance. The software, which is seamlessly integrated, and auto-adapts to fleet behavior, addresses the UNECE R155 requirements for software integrity, OTA updates, authentication, and logging, without taking an extra toll on R&D, or requiring changes to the ECU architecture.
XGuard Secure Visibility Platform Advantages
Seamless Deployment
Requires zero developer intervention or updates during the software development lifecycle. Karamba XGuard fits into off-the-shelf and proprietary build environments.
Negligible Performance Impact
Optimized for embedded systems, this patented method enables runtime protection with less than 5% CPU overhead and 0 CAN network overhead.
Deep Security & Visibility
XGuard Monitor can analyze and monitor a vast array of IoT-specific threats, with granular indicators -- even the most difficult ones with short time to detect.
Improve Code Quality
Karamba has the unique ability to record and report deep root cause analysis details to security forensics personnel, so that code owners can identify vulnerabilities which hackers attempt to exploit.
Deterministic
The “known good” approach provides a deterministic algorithm which is inherently precise. Only legitimate files can execute to runtime memory. Unauthorized droppers are blocked.
A Broad Attack Spectrum
Deep security sensors deployed on each ECU and connected device provide both the researchers and the security analysts with continuous insights of the fleet, detecting anomalies and helping develop faster resolution of problems.
See Why Our Security Solutions Win Awards
XGuard One Pager
XGuard is OS agnostic, and compatible with a wide range of platforms out-of-the-box. The playform includes both an embedded agent and cloud-based monitoring.
Compatible Platforms
XGuard is OS agnostic and compatible with a wide range of platforms out-of-the-box. XGuard can also easily extend its coverage to your platform. Download the paper to read more.
Contact us to discuss XGuard!
Israel
24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113
USA
41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171
Germany
Wasserburger
Landstr. 264, Munich
81827
Tel: +49 172 3991 036