Scitlabs
SCIT Labs
SCIT Labs is a software company that developing and commercializing threat independent cyber security solutions for the government and commercial markets. Its core products (the SCIT product-line) are based on the principle of intrusion tolerance.
The company has been founded by Dr Arun Sood of George Mason University in 2007. It has its headquaters in Northern Virginia.
SCIT technology
SCIT provides business and mission resilience; the ability to work through an attack without having to know the specific threat or attack methodology. Current security products and services focus on [. Their approach is reactive and dependent on recognizing the threat signature. Unfortunately, the adversaries are always a step ahead with new threats and new malware, leading to an unrecognized threat. SCIT Labs solution is a paradigm shift - their focus is on limiting damage and automated recovery to a known good state. Though DARPA has supported intrusion tolerance research, SCIT is the first commercial intrusion tolerance solution.
SCIT addresses the problem and reduces the risk from not having correct threat signatures for known threats and no threat signatures for unknown threats. SCIT provides a dynamic virtual environment for the server application / OS, shortens exposure to the internet, and routinely restores to a known good state.
SCIT can be provided as software or as hardware appliance. SCIT has minimal impact on server performance. SCIT software is loaded onto the server and requires very little administrative oversight, and its operation is transparent to the server operation. (Load and forget software that runs in the background).
SCIT’s competitive edge is that it provides a new cost effective layer of defense against known and unknown threats for servers. SCIT augments IDS and IPS operations because it does not rely on threat signatures or characteristics or packet inspection. By providing protection against unknown threats, SCIT provides protection that other security defenses do not. SCIT automatically reinstates an uncompromised version of the server application / OS every minute; SCIT automatically deletes malware installed on the server without detecting the presence of malware; reduces IT support costs by providing alternate incident management strategies and by avoiding rebuilding web servers after an attack.

Intrusion tolerance recognizes that malware invasions are a certainty in today’s network environment and SCIT provides an effective defense by continually refreshing, pristine virtual SCIT layer placed between the external and internal hardware/software layers. While current servers are sitting ducks, SCIT uses dynamic approaches to protect the servers and reduce risk of compromise to IT operations.
SCIT Labs is licensing the SCIT technology from George Mason University.
Methods of machine virtualization, multiplexing and the optimization of system-specific exposure times are all covered by . SCIT uses virtualization technology, SCIT rotates pristine virtual servers and applications every sixty seconds or less.
In the graphic shown here, five online virtual servers (shown in red) are processing transactions while three offline servers are being cleaned and restored to a pristine state. Every minute a pristine “green” server is swapped out with a “red” server and the SCIT rotation cycle begins again.
 
< Prev   Next >
[ Back ]

Main Menu

Home
Articles
Search
Submit Article
Contact Us
Donate to Wikibin
All text is available under the terms of the GNU Free Documentation License.