Fahrenheit WAF Langsec Research: Part 4 – Detection Ceiling

By |August 17th, 2016|Fahrenheit|

Calculated Impact of Langsec Design Flaws on Detection Success   Part 3, explained why current WAF design flaws impact their ability to detect Web application attacks, using Chomsky Language Hierarchy and Formal Language Theory. Langsec informs us that current WAF design using signatures, will miss attacks. Mathematically speaking, all signature-based technologies such as scanning, WAF, ids/ips and

Fahrenheit WAF Langsec Research: Part 3

By |August 15th, 2016|Fahrenheit|

Formal Language Theory and Chomsky Language Hierarchy Part 2  presented that Langsec gives us an understanding of the design limitation of current WAFs, and all signature based detection, such as AV. In langsec, decidability matters. In order to have proper attack detection, and therefore security, one needs decidability. The notion of context in language recognition is

Fahrenheit WAF Langsec Research: Part 2

By |August 14th, 2016|Fahrenheit|

Langsec: Background Concepts   Trustifier research looks at the scientific reasons behind why current automatic cyber-defense systems are failing. What do the fundamental principles of computer science say about detecting cyber attacks, or limitations of current approaches? Langsec helps us to understand this. Warning: computing science concepts ahead I jokingly refer to this content as, "All of the

Trustifier Fahrenheit Langsec Research-Intro

By |August 9th, 2016|Fahrenheit|

Trustifier Labs Fahrenheit Langsec-based research efforts considered inherent design flaws in current WAFs as part of a broader research purpose. This research examined the scientific reasons behind why current automatic cyber-defense systems are failing. What do the fundamental principles of computer science say about detecting cyber attacks, or limitations of current approaches? Does understanding these limitations also open

TUX AI and KSE Ransomware Prevention

By |April 14th, 2016|Fahrenheit, Insider threat, KSE, TUX GUI|

Ransomware Ascending - Part 4   SMB Security Simplified The ransomware problem continues to explode. Infosec, business and government are struggling to find solutions. There is debate about whether to pay ransom, it often hinges on whether one has data backups. KSE adds controls on the systems where ransomware attacks are attempted, stopping them. TUX

Security innovation: math counts!

By |November 1st, 2015|Fahrenheit, Insider threat, KSE|

  In the past, I took notice of some tweets and a blog from Cylance explaining how they use math in their offering. I’m no mathematician, but I remember thinking, “Sure, why not?” Trustifier tech is built using math and has done so from the start so I know what’s possible. While Cylance focuses on