11:11 AM
Dark Reading
Dark Reading
Products and Releases

SafeNet Envelope Protects Software From Piracy And Reverse Engineering

Sentinel Envelope secures applications through the use of an automatic file wrapper

BALTIMORE – April 9, 2013 – Software monetization leader, SafeNet, Inc. today announced the availability of its third-generation Sentinel Envelope technology, which helps software developers protect code integrity, deliver strong application security, and, at the same time, reduce deployment delays and overhead costs.

As software publishers try to balance how best to prevent misuse of their software without creating unnecessary obstacles for legitimately paying customers, Sentinel Envelope works with Sentinel LDK, the company's out-of-the-box software protection, licensing, and entitlement management system, to help them protect their software and intellectual property (IP) while minimizing disruption and maximizing profitability.

Sentinel Envelope achieves this by providing software developers with superior application protection, including an automatic file packer (i.e., wrapper) that employs SafeNet's advanced file encryption, code obfuscation, and anti-debugging technologies. The Sentinel Envelope also creates a robust shield that wraps executable files and dynamically linked libraries (DLLs) and binds applications to hardware- or software-based protection keys, enabling customers to more effectively enforce copy protection, protect trade secrets, professional know-how, and IP from reverse engineering, tampering, and piracy.

"Protecting hard-earned trade secrets and intellectual capital is critical for ISVs to remain competitive and relevant in the market," said Jake Fox, vice president, product management, Software Monetization, SafeNet. "The third generation of LDK Envelope technology takes software protection to the next level. LDK Envelope makes it extremely difficult for hackers to reverse engineer protected intellectual property. By implementing strong application security, software vendors can confidently maintain their competitive advantage."

The Sentinel Envelope introduces innovative new features for both its 32- and 64-bit engine, including import table gating, OEP (original entry point) obfuscation, constant runtime debugging protection, improved real-time anti-debugging and anti-tracing capabilities, and what is believed to be the industry's first and only file packer utilizing a white-box-based secure channel that protects the secure channel encryption key from dynamic or static extraction from protected binaries. All of the features in Sentinel Envelope combine to provide software vendors with enhanced copy protection and prevention of modification and tampering.

The third-generation enhancements to the Sentinel Envelope include:

· Enhanced security protection for 32- and 64-bit architectures--blocks the reconstruction of protected binaries from attacks based on memory dumping.

· White-box-based secure communication channel--utilizes vendor-specific components to ensure that the secure channel encryption key cannot be dynamically or statically extracted from the protected binaries. This is the first solution of its kind in the industry.

· Import address table obfuscation and gating--removes the import address table (IAT) and scatters its information inside the Envelope code, including the original entry point (OEP). Calls for imported system functions are also redirected via import gates for all known system DLLs.

· Constant runtime-debugging protection--enhances user-mode debugger detection on running processes that hardens the software against tracing techniques and confuses hackers with delayed responses, misleading commands, and false information.

· User-mode software-based licenses--provides "user-mode" licenses that do not require installation of the runtime environment, enabling faster, easier, and lower overhead installations, regardless of administrative rights.

These enhancements make Sentinel LDK's Envelope technology one of the most secure application security solutions on the market today. They will enable software vendors to more easily protect access and use of their applications, ensure product and brand integrity, combat competitive espionage, and safeguard revenue streams.

"Rigorously protecting intellectual property from theft, reverse engineering, and tampering is critical for software vendors in today's ultra-competitive environment," continued Jake Fox. "Strong security is one of the cornerstones of an effective software monetization strategy, and the Sentinel LDK Envelope delivers cutting-edge code encryption and counter-hacking techniques to protect valuable IP from persistent, intelligent threats."

Supporting Resources:

· Learn more about Sentinel Licensing Development Kit (LDK).

· Learn more about Sentinel Envelope.

· Learn more about the four aspects of a comprehensive software monetization strategy.

· Join the LicensingLive! Software Monetization Community.

· Follow SafeNet on Twitter, Facebook, YouTube, and LinkedIn.

About SafeNet Software Monetization Solutions

SafeNet has more than 25 years of experience in delivering innovative and reliable software licensing and entitlement management solutions to software publishers, technology vendors, and cloud service providers worldwide.

Easy to integrate and use, innovative, and feature focused, the company's family of Sentinel Software Monetization Solutions are designed to meet the unique license enablement, enforcement, and management requirements of any organization, regardless of size, technical requirements, or organizational structure. SafeNet clients are able to address each and every aspect of the software monetization lifecycle--from copy and intellectual property protection to product catalog management and ongoing end-user experience improvement. With a proven history of adapting to new requirements and introducing new technologies to address evolving market conditions, SafeNet's more than 25,000 customers around the globe know that by choosing Sentinel, they choose the freedom to evolve how they do business today, tomorrow, and beyond.

About SafeNet, Inc.

Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet's data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the data center to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.