Recent media reports indicate these types of advanced cyber-attacks are increasingly more common across all public and commercial sectors than previously thought. The National Institute of Standards and Technology (NIST) recognized this reality and issued initial guidelines for protecting a computer’s BIOS in its special publication 800-147.
In response, Wave developed Endpoint Monitor, which uses the Trusted Platform Module (TPM) embedded in business-class PCs to ferret out APTs by scanning a system’s environment before the operating system loads for anomalous behaviors that can be linked to the presence of malware. If anomalies are detected, IT is alerted immediately with real-time analytics.
“To protect against today’s advanced threats, it’s critical to have a strong foundation of trust in all endpoint devices,” commented Steven Sprague, Wave’s CEO and President. “That starts by knowing that your PC has not been changed by a third party—and is free of malware in the BIOS—and extends to verifying the identity of the device. Wave Endpoint Monitor gives IT a powerful tool to collect, manage and analyze pre-OS health information, and to leverage the advanced hardware trust enabled by the TPM.”
Endpoint Monitor Harnesses Security of Broadly Deployed Security Chip
Almost a decade ago, the computer industry recognized the growing threat of cyber-attacks and, in response, formed the Trusted Computing Group (TCG), an international industry standards body committed to promoting technologies and standards intended to make computers more secure, reliable and less prone to viruses and malware. One such TCG standard outlines the specifications for an embedded security chip called the Trusted Platform Module (TPM), included on business-class PCs. Dell, HP and Lenovo include TPMs as part of their standard hardware configurations and have shipped hundreds of millions of TPM-equipped systems — ready to defend organizations against APTs and other types of sophisticated threats.
Microsoft has put renewed focus on the advanced security capabilities of the TPM with the preview last week of its new Windows 8 operating system. Windows 8 allows automatic provisioning of the TPM and provides new programming interfaces to utilize features in the TPM.
Ensuring Endpoints Are Known and Trusted
Wave Endpoint Monitor utilizes the TPM to provide system integrity measurements through the use of keys native to the TPM for strong and verifiable platform identity. The information provided by Wave Endpoint Monitor can be used by enterprise networks and servers, and Cloud services to ensure that only known devices are connected to critical applications and sources of sensitive data.
Key features of Wave Endpoint Monitor include:
Captures verifiable PC health and security metrics at system boot (before the operating system loads).
Securely reports the PC health data for central reporting and analysis (ensuring the data came from a ‘known’ device).
Alerts IT administrators to potential threats to a system.
Provides configurable reporting and query tools.
Compatible with the millions of platforms with any TPM; a distinct advantage over solutions tied to a single brand of chip or chipset.
Provides the foundation upon which network connect decisions are based.
Wave Endpoint Monitor provides the foundation to enable Cloud services to determine that a device has a properly configured self-encrypting drive, or that a PC was booted from its primary drive—all before any sensitive data is allowed to be downloaded. The solution is compatible with all Windows XP, Vista and WIN7 operating systems and supports all commercially available TPMs.
About Wave Systems Corp. (www.wave.com):
Wave Systems Corp. reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.