Minerva has just won first place at the 2016 Berlin Cyber Security Bootcamp hub:raum innovation contest, sponsored by Deutsche Telekom (T-Systems) for early-stage start-ups.
These accolades are well deserved in the highly competitive field of cybersecurity, where Israeli security start-ups abound and are second in number globally only to the United States. Under the motto “Don’t Chase, Prevent!” Minerva Labs has developed novel software that protects systems from focused attacks without the need for prior knowledge, intelligence, or recognition.
This revolutionary new technology transforms the disadvantages of endpoint security into advantages, exposing malware before it launches and subjecting it to deep learning analysis.
Between prizes Bobritsky answered some questions about Minerva Labs:
What is unique about Minerva Labs?
Almost all security products are based on a “Detection and Response” paradigm. Major breaches have taught us that this paradigm suffers major vulnerabilities that are well known to the attackers.
First, we cannot fight unknown threats with known solutions/tools – all of our solutions/tools are available for the attackers off the shelf. They can learn our products and then evade them.
Second, time is paramount. Even with the best incident response team, it still takes time to connect the dots, and the longer the time, the greater the damage.
Third, and the most important one, the moment you detect a breach – you are already breached, and it’s too late.
A study published by Qualys in 2012 tested 4 million malware that were used in targeted attacks and discovered that more than 80% of the malware use evasion techniques. This means that back in 2012 an industry (cyber security) of 60 billion USD was providing a solution for only 20% of the problem at a given time.
Evasion techniques enable the malware to evade security and forensics tools to avoid detection. But the Minerva Armor product neutralizes viruses before the installation phase in Lockheed Martin’s “cyber kill chain.” In order to avoid detection, the attack is aborted before the installation phase, before it even starts.
We make the packed malware “believe” it is always inside a secure or forensics environment, so it refrains from execution and the attack is prevented.
Minerva simulates the existence of security and forensics tools on each and every endpoint in the organization, so once packed malware reaches an endpoint protected by Minerva and queries if it is inside a secure or forensics environment such as a sandbox, debugger, etc., it will get a “yes” answer. This way the attack is prevented before it even starts, before any damage has been done. Minerva creates a new paradigm: Prevention without (before) detection.
Minerva’s unique patent-pending solution protects the organization from the deadliest attacks (such as the Sony Pictures attack), without the need to detect them first or for any prior knowledge and before any damage has been done. Minerva forces the attacker to pick his poison:
– Want to be sophisticated and use evasion techniques?
Minerva will prevent you.
– Want to go back to basics—without using evasion techniques?
Other security products will stop you.
What else does Minerva do for the endpoint user?
First, once the attack has been prevented, Minerva alerts you and gives you confidence and peace of mind that the threat has been neutralized before any damage has been done.
Second, Minerva integrates with existing solutions in the organization such as Sandbox and AV products, sending the malicious software back for deep and high priority analysis, thereby increasing their detection rates and effectiveness. With Minerva, the organization gets more for each dollar they already spent on (cyber) security.
Third, Minerva provides a complete solution to the ransomware problem.
Fourth, with Operation System Tampering Protection, Minerva protects critical applications including browsers and processes responsible for the intake of credit card information, and other sensitive data.
Tell us more about your team, what are their backgrounds?
Our team shares a vision of challenging the status quo and believes we have changed the rules of the cybersecurity game forever.
Before forming Minerva, my CTO Erez Breiman and I led the largest endpoint security project in Israel (for the IDF). We worked on all aspects of endpoint security, from testing products and implementation to maintenance. Prior to Minerva, Erez was the software architect of the PSM product (Privilege Session Management) at CyberArk.
VP of Research, Omri Moyal, received his BSc in Computer Science from Otago, New Zealand, where he had a Microsoft scholarship to study forensics and reverse engineering. Prior to Minerva, Omri was the CTO and head of the incident response team of ClearSky security.
A lot of cybersecurity technology claims to have a small or low footprint. How is Minerva’s small?
Minerva is a passive solution. Minerva simulates the existence of security and forensics products without installing them on the endpoint. We do not scan files or initiate any other activity. Minerva consumes less than 1% CPU at all times, has no major impact on RAM and has no impact whatsoever on the end user experience. We have no prerequisites, no reboots required (neither during installation nor uninstalls), no signatures. We support all Windows platforms from XP to Win10, including servers, Virtual Desktop Infrastructure, and other legacy systems.
What special advice can an Israeli cybersecurity developer offer Silicon Valley?
The market thrives for new security products that are based on new paradigms. Don’t give in to the status quo or take things just as they are. For example, it is hard to implement endpoint solutions – think out of the box and find the way to do it in an easy way.
What are the most important things that a student developer should learn and practice?
Hands-on experience is very important. Don’t be afraid to use a new programming language you are not familiar with, because in the end programming is programming regardless of the language or environment you are about to use.
Try to “hack” the system by taking the problem to another industry and try to solve it there, then go back and do it with your code.
What’s next for Minerva Labs?
We are about to start our penetration to the US market and about to kick off our next funding round in the following months.
Think you recognize the Owl of Minerva, the one that “spreads its wings only with the falling of the dusk”?
Think again. Minerva Labs is already on it.