SRI spin-out, Accuknox, uses a high-performance runtime zero-trust container to protect applications, networks, and data.
As companies move their data and computing resources to the cloud, they need to continually verify trust in their systems and address emerging threats quickly and effectively. The recent cyberattack on IT networking and management company SolarWinds underscores the tremendous importance of improving and updating our current cybersecurity infrastructure.
Startup company Accuknox, a spin-off from SRI International, is focused on providing meaningful advancement in cybersecurity for private and public clouds. Accuknox uses patented cutting-edge technology to dramatically enhance cybersecurity defenses. The result is a security solution that uses a high-performance runtime zero trust container (more on this below) that protects applications, networks and data alike.
As a recognized leader and innovator with a proven track record in the field of cybersecurity, SRI’s patented innovations focus on machine learning-based anomaly detection, data provenance and data tracking technology. Accuknox technology draws on these patented innovations.
Critical management of unguarded portals
Quite often, attackers appear like regular users or services and then set out to take advantage of this privilege to steal data in multistage attacks. The currently used defense mechanisms look for known patterns. However, they no longer provide the level of safety that is required in today’s internet environment.
For example, if assets or applications are running on your system — whether physical, cloud, or distributed over different spaces or locations — how do you know they are not doing something malicious? For example, a bitcoin miner could be drawing on your network resources, or a ransomware attack could be brewing. But these are hard problems to detect.
Accuknox is drawing on the potential of unsupervised machine learning. Developed at SRI, this approach relies on spotting abnormal activities. The system is constantly learning what is good and what is bad.
Accuknox also relies on two other technologies developed at SRI to ensure data security, data provenance (a tracking record for data) and variational autoencoders (VAE, deep-learning neural networks that can generate missing data at a high level of probability). Accuknox allows companies to isolate, track and protect every aspect of data on their network and applications at a fine-grain level.
Detecting and addressing threats
Given the connected nature of the internet, and with the increasing move to cloud computing, data security has become more important because of the greatly increased opportunity for cyberintrusion. Nat Natraj, CEO and co-founder of Accuknox, explains, “The end result is a free for all, as the perimeter is porous… Assets don’t truly belong to you when you’re running shared assets on the cloud. This means if an attacker compromises a given asset, they can essentially come in and take over your in-house and on-premise assets.” Thus, it is essential that threats can be detected before attackers can do lasting damage.
One approach is through Zero Trust Architecture (or Zero-trust). Zero-trust is a concept in cybersecurity that begins with the idea that all network environments should be deemed hostile. Administrators should assume threats are already within the network — they should start with zero trust. Furthermore, Zero-trust views anything and everything as potentially hostile to the system, whether it comes from inside or outside an organization’s perimeters. Everything must be verified before access is granted. Thus, the Zero trust motto is “never trust, always verify.”
Addressing container security
With more and more businesses moving their IT infrastructure to the cloud, and computing distributed throughout various locations and servers, containers are being used more widely. Containers break operating systems into separate spaces to enable applications to run safely. Through being isolated from other applications, containers allow the developers to create environments with predictable behaviors. Containers provide enormous efficiency, which is why they are so widely used by companies that send and receive large amounts of data. In fact, Gartner Research predicts that by 2022, more than 75% of global applications will be running in containers; therefore maintaining and strengthening container security is critical.
Realizing that the security for containers and Kubernetes architecture was lacking, Natraj and his team have set out to dvelop new and patentable technologies that would simplify and transform internet security for corporations.
However, due to their massive scale, using containers present a variety of issues to overcome. It’s challenging to create firewalls for them and ensure they are properly managed.
Kubernetes is an open-source container platform developed by Google. It helps to manage containerized applications in different environments. A Kubernetes cluster should be secure, easy to use and extendable. Kubernetes are often chosen because they allow granular management and can establish the foundation for cloud-based apps.
Natraj noted, “Google created a Kubernetes architecture of their entire infrastructure, which means they’ve taken one big monolith application and broken it down into very, very small chunks. Yet, this is not without its challenges.” Traditional approaches to cybersecurity, such as Linux, VM security such as IPTables and control groups (cgroups), are not cost-effective or scalable when it comes to large-scale container workloads.
Containers are growing at a very rapid scale, and they have experienced many high-profile attacks. While the vast majority of attacks go unpublicized, the reality is that such problems are commonplace. Simply stated, containers are very vulnerable. Part of this vulnerability stems from the fact that the internet was originally created to share but not necessarily protect information.
Streamlined enterprise solutions
With the help of SRI, Accuknox is making its technology available for large enterprises. To date, some of the world’s top security companies and credit card companies are already using its cloud-based platform. “We’ve been working with some amazing early adopter customers to take technology and make it available in a practical, usable at scale for the enterprise,” explained Natraj.
Companies can point to different partitions that they want to be protected. Accuknox will then discover those assets and determine the kind of appropriate compliance before developing a set of business rules that can be enforced and deployed.
“There are lots of complexities in the Kubernetes cloud world, but we want to make our solutions simple to use, simple to deploy, and simple to manage,” added Natraj.
Accuknox closed a seed round of funding in late 2020, and there has been tremendous interest from investors and customers alike. They plan to continue to build products on open-source technologies and give back to communities. They also plan to develop additional value-added features. Ultimately, Accuknox hopes to make cloud security as intuitive, fast and functional for users as a performing a simple Google search. They are positioned to be a game-changing company in the realm of cybersecurity.
Learn more about Accuknox: accuknox.com
Resources
https://www.redhat.com/en/topics/containers/kubernetes-architecture