Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

9/14/2012
01:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wave Endpoint Monitor Delivers New Weapon In The Battle Against Advanced Persistent Threats

Wave Endpoint Monitor captures verifiable PC health and security metrics before the operating system load

Lee, MA-- September 11, 2012 --Wave Systems Corp. (NASDAQ:"WAVX") today announced the general availability of Wave Endpoint Monitor (WEM), the only solution that detects malware by leveraging capabilities of an industry standard security chip onboard the PC. WEM provides increased visibility into endpoint health to help protect enterprise resources and minimize the potential cost of advanced persistent threats such as rootkits.

Rootkit attacks are particularly harmful in their ability to hide in host systems, evade current mainstream detection methods (such as anti-virus programs or whitelisting at the operating system level) and their capacity to replace legitimate IT system firmware. Such attacks occur before the operating system (OS) loads, targeting the system BIOS and Master Boot Record (MBR), and can persistently infect higher-level system functions including operating systems and applications.

"APTs facing enterprises today are more complex, nefarious and sophisticated than ever before," said Richard Stiennon, Chief Research Analyst at IT-Harvest and author of Surviving Cyberwar. "Malware hiding in a device's BIOS will go undetected by traditional anti-virus programs operating at the OS level, creating a strong need for a solution that can identify an attack as it happens. Because Wave's approach is rooted in hardware-based technologies, rootkits and other malware can be spotted before the OS even starts."

Wave Endpoint Monitor captures verifiable PC health and security metrics before the operating system loads, by utilizing information stored within the Trusted Platform Module (TPM), a security chip located on the motherboard of all business PCs. If anomalies are detected, IT is alerted immediately with real-time analytics. Capabilities of Wave Endpoint Monitor include:

· Securely reports PC integrity measurements for central reporting and analysis

· Ensures data comes from a known endpoint

· Alerts IT administrators to anomalous behaviors, which can be linked to the presence of malware

· Provides configurable reporting and query tools

· Ensures strong device identity through the use of hardware-based digital certificates

· Remote provisioning of the TPM

"Today's security threat environment calls for industry-proven solutions to collect and analyze pre-operating system health information and to ensure endpoints are known and trusted," said Steven Sprague, CEO of Wave Systems. "Since advanced persistent threats can sometimes appear as normal traffic, new rootkits often go unnoticed for long periods of time and cause severe damage in the form of infected systems and data loss. Wave Endpoint Monitor allows IT to utilize the hardware security you've already bought and deployed to ensure PC health from the start of the boot process while creating a higher level of trust in your endpoints."

Wave has successfully piloted WEM with several government groups for the past six months.

The National Institute of Standards and Technology (NIST) has also recognized the importance of BIOS integrity and has issued initial guidelines for protecting a computer's BIOS in SP 800-147 and SP 800-155 (draft).

Wave Endpoint Monitor, plus Wave's EMBASSY Remote Administration Server (ERAS) with full central management of all enterprise TPMs, supports all platforms with version 1.2 TPMs and is now available for purchase.

About Wave Systems

Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14499
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
CVE-2020-14501
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also ...
CVE-2020-14503
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code.
CVE-2020-14497
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code.
CVE-2020-14505
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection�) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that create...