If it’s Not Exploitable, it’s Not a Vulnerability

Don’t you think it’s absurd that we participate in an endless race to manage and patch vulnerabilities, even though new ones appear all the time? We repeatedly spend all this time and money, essentially with no finish line in sight, all while unknown threats remain hovering over our heads.

 At Sternum, we believe there is another way.

The existence of vulnerabilities is ever-present and inevitable. This is true for any kind of software. Let’s take memory-based vulnerabilities as an example. They are widespread and represent a high-end threat to IoT devices, responsible for 70% of Microsoft’s patch Tuesdays. Thousands of such memory-based vulnerabilities are reported each month and countless more are unknown. Instead of manually patching all these memory-based vulnerabilities, what if we simply prevented their exploitations?  No exploitation, no damage.

The existence of a vulnerability is not enough for a threat actor to cause damage;  he first has to exploit a specific vulnerability to initiate his attack. Moving the defender’s focus from perpetually investing resources into manually and arduously patching vulnerabilities, to automatically identifying and preventing the exploitation attempt itself through proactive security controls represents a much-needed remedy.

There lies a common denominator in all of this. For every memory-based vulnerability, a certain step must be performed which is distinctly recognizable and identical across all attacks. Focusing on identifying and preventing that step caan eliminate an entire class of existing and future memory-based vulnerabilities from potential exploitation. 

At Sternum, we call these identical and necessary steps the Exploitation Fingerprint™. Just like a sophisticated detective, our technology tracks, identifies, and locates this Exploitation Fingerprint™ in real-time to flag the presence of an attacker, and prevent the attack itself.

Sternum’s EIV (Embedded Integration Verification) monitors and verifies each operation in the memory, inspectng and validating its integrity in real-time. When EIV determines that a memory operation will result in the Exploitation Fingerprint™ in memory, it prevents it from happening, preventing any corruption of the memory, nullifying any potential exploitation. If it’s not exploitable, it’s not a vulnerability.

Proven in-field

EIV has attained a 96.5% total prevention rate of memory-based vulnerabilities in industry benchmarking metrics. This includes a 100% prevention rate of memory overflow vulnerabilities, a 100% prevention rate when testing in research labs and in-field by our customers as well as full prevention of all latest memory-based, fileless attacks and/or critical CVEs that were disclosed as part of the Ripple20 and Amnesia:33 publications.

Patch at Your Own Pace, Regain Control

For our customers, patching and updating happens (if at all) at their own choice, along with an already pre-scheduled update. They are no longer hostage to critical vulnerabilities, forcing them to speed up and update in order to avoid disaster. They are no longer listed vulnerable to disclosed vulnerabilities, needing to defend themselves. They no longer invest many R&D resources to initiate a mitigation, since they are already immune. Our customers are in control.

It’s time to end the vulnerability wild goose chase. Stop mitigating, start preventing.

Pedro Mier

Pedro Mier holds a degree in Telecommunications Engineer ing from the Polytechnic University of Catalonia, MBA from ESADE and PADE from IESE. He is currently President of AMETIC (Association of Electronics, Information Technology and Telecommunications Companies of Spain), Shareholder and Chairman of the Board of Directors of TRYO Aerospace & Electronics, Board Member of the Premo Group and Committee of CTTC. member of Space Angels Network and Member of the Sc ientific Advisory