Seamlessly-applied Device Security
and Unsupervised Machine Learning

Karamba XGuard:
Seamless Embedded Security

Karamba Security’s XGuard is an integrated solution of embedded software agents and a cloud-based backend. XGuard agents deterministically prevent malware and fileless attacks. The backend engine detects anomalous behavior and provides proactive alerts about suspicious devices.

Karamba XGuard Dashboard

Seamless Integration

XGuard agents are integrated as part of the firmware build toolchain. No source code is required, development processes are untapped, and the agent is seamlessly integrated with the product binaries.

Verification & validation are likewise unchanged. The product software image is tested with XGuard embedded into it, without requiring changes to test plans, as XGuard’s addition doesn’t change product functionality.

XGuard Agent: Negligible Performance Overhead

The XGuard embedded agent is designed for embedded systems, with low CPU and memory consumption. The agent takes up to 5% CPU overhead, 5% memory size, and about 10% of the flash size.

The agent local analysis and payload optimization reduce device traffic to the backend by 90%.

XGuard Backend: Unsupervised Machine Learning

XGuard’s backend has a set of predefined monitored behaviors but it also observes a huge number of events across the entire fleet and uses adaptive unsupervised machine learning to find anomalies that indicate threats. This allows Security Operations Center (SOC) teams to investigate highlighted anomalies and determine incidents and root cause.

XGuard automatically adjusts to a wide variety of device and fleet behaviors without requiring any user intervention.

Broad Threat Coverage

XGuard software enables OEMs and device manufacturers to assure their customers a high level of protection against cyberattacks.

  • Malware is deterministically detected as foreign code, which wasn’t part of the original build, and is prevented from executing.
  • Fileless attacks, which exploit in-memory vulnerabilities such as buffer overflow, are deterministically detected and prevented automatically by utilizing Karamba’s patented Control Flow Integrity (CFI).
  • The backend analytics engine points at a significant number of hacking attempts such as password guessing, privacy violations, and rogue devices.

ISO21434 and UNECE R155 Compliance

Software Integrity, security event logging and an update mechanism form the cornerstone of many cyber-related regulations in various industries.

Automotive OEMs and suppliers, who must meet the ISO21434 and UNECE R155 cybersecurity standards, use XGuard as for achieving compliance. The software, which is seamlessly integrated, and auto-adapts to fleet behavior, addresses the UNECE R155 requirements for software integrity, OTA updates, authentication, and logging, without taking an extra toll on R&D, or requiring changes to the ECU architecture.

XGuard Secure Visibility Platform Advantages

Seamless deployment

Seamless Deployment

Requires zero developer intervention or updates during the software development lifecycle. Karamba XGuard fits into off-the-shelf and proprietary build environments.

Light impact

Negligible Performance Impact

Optimized for embedded systems, this patented method enables runtime protection with less than 5% CPU overhead and 0 CAN network overhead.

Monitoring

Deep Security & Visibility

XGuard Monitor can analyze and monitor a vast array of IoT-specific threats, with granular indicators -- even the most difficult ones with short time to detect.

SW Quality

Improve Code Quality

Karamba has the unique ability to record and report deep root cause analysis details to security forensics personnel, so that code owners can identify vulnerabilities which hackers attempt to exploit.

Deterministic

Deterministic

The “known good” approach provides a deterministic algorithm which is inherently precise. Only legitimate files can execute to runtime memory. Unauthorized droppers are blocked.

Broad spectrum

A Broad Attack Spectrum

Deep security sensors deployed on each ECU and connected device provide both the researchers and the security analysts with continuous insights of the fleet, detecting anomalies and helping develop faster resolution of problems.

See Why Our Security Solutions Win Awards

Figure

XGuard One Pager

XGuard is OS agnostic, and compatible with a wide range of platforms out-of-the-box. The playform includes both an embedded agent and cloud-based monitoring.

Figure

Compatible Platforms

XGuard is OS agnostic and compatible with a wide range of platforms out-of-the-box. XGuard can also easily extend its coverage to your platform. Download the paper to read more.

Contact us to discuss XGuard!

Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 172 3991 036