The patent-pending Symbiote technology, exclusively licensed to Red Balloon Security, provides for the first time, effective host defenses for embedded systems. The research in the IDS lab that led to the invention and development of the Symbiote technology was sponsored by DARPA, IARPA and DHS.
The Symbiote technology is the first host-based defense for arbitrary embedded device firmware. Symbiotes defend embedded systems' firmware with entirely new defensive capabilities proven through DARPA-sponsored research at Columbia University. The Software Symbiote is a host-based defensive technology that injects intrusion detection functionality into the firmware of a (legacy) embedded system and that senses and alerts on the unauthorized modification of the device firmware or the attempted exploitation of the device from memory-resident malware and ROP attacks. Symbiote injection is randomized so that each instance of a protected device firmware is distinct from all other injected systems, thereby thwarting attempts by an adversary to disable the injected Symbiote. Formal evaluations of our Symbiote technology have shown that it can detect all code injection attacks against firmware without impacting the device's performance. The device operates normally without any loss of function or features. See the world's first safe IP phone protected by Red Balloon Security's Symbiote technology.
FRAK is the firmware reverse engineering and analysis console developed by Red Balloon Security under a DARPA Cyber Fast Track contract. This technology provides the means of automatically injecting protective Symbiote technology into any proprietary firmware with a few commands or lines of code. FRAK has been demonstrated to inject the same Symbiote into routers, printers and IP phones. RBS's technology scales the distribution and insertion of protective Symbiotes into any embedded device, either at the factory when firmware is installed on a new device, or in the field for legacy devices that are widely deployed. See our demo of FRAK at DEF CON 20.
RED BALLOON SECURITY COPYRIGHT 2013 // CONTACT US: [email protected]