Embedded Application Whitelisting

Automatically built, prevents loading of unauthorized executables

Karamba XGuard Whitelisting:
Deterministically Prevents The Loading
Of Unsigned Executables

Application whitelisting is not a new idea in security, and in a confined application the “known good” list is a very effective security against dropper attacks.

Hackers looking to upload new scripts, binaries or libraries into memory will be blocked as the whitelisting in comparing, in runtime, between each executable and the authorized list.

Karamba's secret sauce is the automatic process to map and build this whitelist. In very large applications with thousands of executables, only an automatic and granular building of the whitelist is practical to protect the code.

Given the dynamic nature of the supply chain Karamba XGuard Whitelisting has a built-in mechanism to allow external signed binaries from 3rd party as well as update diff from the image authority.

Karamba XGuard Whitelist

XGuard Whitelisting Advantages

ECU Protects Itself

Self-Protection

Embedded security Whitelisting is immutable and always on. Only preapproved files can upload into memory, preventing executing of unknown scripts, libraries and binaries. No cloud connectivity is required.

Zero False Positives

Deterministic

The “known good” approach provides a deterministic algorithm which is inherently precise. Only legitimate files can execute to runtime memory. Unauthorized droppers are blocked.

Supports all ECUs

Configurable Outcomes

Prevents unauthorized file load attempts as soon as they are detected.

See Why Our Security Solutions Win Awards

Figure

White Paper

What is autonomous security and how does it provide superior runtime integrity protection? In this white paper, we explain how deterministic methods harden the runtime environment to prevent system hacking.

Figure

Datasheet

Karamba’s platform features CFI, whitelisting, on-premise or cloud-based management, customizable reporting and forensics. Plus it’s easy to deploy, and supports almost any platform, build environment, and architecture.

Figure

Runtime Integrity at a Glance

How does Karamba prevent hacking attempts? See a diagram of connected systems cybersecurity. Learn how Karamba eliminates the risks of false positives, performance drag, and security gaps.

Want to learn more?

Contact Us
Loc

USA

41000 Woodward Ave
Building East, Suite 350
Bloomfield Hills, MI 48304
Tel: +1 248-574-5171

Loc

Israel

24 HaNagar Street
Hod Hasharon
45277-13
Tel: +972 9 88 66 113

Loc

Germany

Wasserburger
Landstr. 264, Munich
81827
Tel: +49 151 1471 6088