Their Story At Hacker Summer Camp | Las Vegas 2019 | Willy Leichter, Virsec Systems

This is promotional content. Learn more.

A Their Story About Solving Complexity | Told By Willy Leichter, Virsec.jpeg

A Their Story interview with Marco Ciappelli & Sean Martin
Guest: Willy Leichter, Vice President, Marketing, Virsec Systems

The organization telling us their story today is Virsec.


Keep it simple, they say. With technology—and cybersecurity—most of the time, this is way easier said than done; especially when you set out from the start to solve very complex problems. But you know what you can do? You can look at these problems from a different angle and make your mission and goal to find solutions that are simple to deploy and manage.

Virsec's founder and CTO, Satya Gupta, has been working on these problems for over a decade, mapping the correct memory usage of an application and then enforce it, and by doing so solving complex problems; problems that can't be explained or simplified overnight, and where the barrier to entry is set pretty high.

The differentiator here is looking at everything possible to observe about an application, including memory usage, the integrity of files, the system's hygiene, etc. With this information in-hand, Virsec can create a map of virtually everything the app is supposed to do.

If a picture helps to describe what this looks like, you can use an analogy like Google Maps. Virsec maps what's supposed to happen within the app and then, in real-time—since they have it mapped—they can see if it's going off the rails, going somewhere different than where is supposed to go, or in our case, if it's doing what it's supposed to do. It's a fundamentally different view of security.

You can sum it up like this: Instead of worrying about what bad stuff is out there, make sure that the app does what is supposed to do and act as it is supposed to work; that is doesn't get corrupted; that it doesn't have someone change a DLL or corrupt the memory.

With the national vulnerability database (NVD) breaking 20,000 entries and organizations running 10's of thousands of "endpoints" that could be compromised if the vulnerability exposure is not closed, is patching the answer? Shouldn't there be a better way?

But don't take my word for it. Listen to Willy and hear how he tells this story.