AVIRTEK is a startup company developing Autonomic Cyber Security (ACS) technology that, analogous to the human immune system, can self-manage and self-protect users' computers, networks, data, and applications with little involvement of users or administrators. Below is our recent interview with Salim Hariri, CEO at AVIRTEK:
Q: Could you provide our readers with a brief introduction to AVIRTEK?
A: The ACS platform represents a paradigm shift in how we secure and protect our cyber resources and services. It integrates bio-metrics and cyber-metrics along with predictive analysis and automated responses to stop cyberattacks in a timely manner.
Q: Can you give us insights into your products?
A: We are currently using our ACS technology to develop two commercial products:
1) A Continuous Security Compliance (CSC) product that will enable small companies working with the Department of Defense (DoD) to pass its Cybersecurity Maturity Model Certification, or CMMC, program that was introduced last year, at Level 2 and/or Level 3. CMMC is the next stage in DoD efforts to properly secure the Defense Industrial Base (DIB). The CSC platform will continuously monitor the company's cyber resources, identify its hardware and software assets, make sure all these components are configured securely, report any vulnerabilities that might exist and recommend automated or semi-automated actions to fix these vulnerabilities, and finally automatically protect against any malicious cyber events that can be detected by CSC anomaly behavior analysis software agents.
2) The second product focuses on Insider Threat Protection (ITP) to protect small/medium size businesses against insider threats. The ITP product adopts the Zero Trust Principle (ZTP), which means it continuously authenticates each user and authorizes his/her operations; currently, once you are authenticated and authorized, there is no more authentication and/or checking on authorization. ITP utilizes innovative AI and machine learning algorithms to recognize efficiently the identity of the user by using bio-metrics (keyboard and mouse usage patterns) and cyber-metrics (the devices, networks, software and applications that are commonly used by the users) and also validate that the users' operations are acceptable by the current security policies.
Q: What are the limitations of current cyber security solutions?
A: The current cybersecurity tools and technologies have failed significantly in spite of drastic increases of R&D funds. There are many reasons for the failures; below are the main ones:
- There are more than 3.8 billion Internet users, up from 2 billion in 2015
- With the proliferation of Internet of Things (IoT) devices and services that will reach more than 40 billion in the next few years.
With this exponential growth in attack surfaces and vulnerabilities, current cybersecurity solutions have failed severely because they are:
- Manual-intensive, and that makes them too slow to respond in a timely manner
- Mainly signature-based, assuming that they know what the signatures of malicious attacks are
- Reactive and not proactive
- Do not effectively use bio-metrics to supplement their cyber-metrics
We need a disruptive cybersecurity technology that is significantly different. AVIRTEK ACS technology is a paradigm shift on how to secure and protect our cyber systems and applications. It can detect non-self behaviors and protect us against cyberattacks without involvement of users or system administrators.
Q: What are the main principles of AVIRTEK ACS architecture? How does it work?
A: The AVIRTEK ACS architecture is motivated by principles of the human immune system that continuously and seamlessly searches for antigens (attacking elements) and leads to producing antibodies that can seek intruders and help to destroy them. In a similar manner, AVIRTEK ACS continuously monitors the managed cyber resources or services and selects appropriate features to build their behavior footprints that will be used to perform real-time anomaly behavior analysis so that it can take proactive actions to stop detected attacks or mitigate their impacts. ACS achieves these innovative capabilities by using the following:
- Self-Recognition Footprints (SRFs): data structures that will be used to identify any non-self-behavior by the monitored systems or users.
- Self-Recognition Agents (SRAs) that will perform innovative data analytics to proactively detect any anomalous behavior (non-self behavior) by computers, users, and applications that might have been triggered by malicious actions.
- Self-Protection Agents (SPAs) that will provide automated/semi-automated actions to proactively protect computers, users, and applications against malicious attacks, and recommend actions that can be taken to resume normal operations or mitigate their impacts.
Q: What are some of the main objectives for AVIRTEK in 2020 and how do you plan to achieve them?
A: Our goal this year is to successfully deploy two prototypes according to our current 2.5 million dollar contract with DoD: Autonomic Security Operations Center (ASoC) and Tactical Cyber Immune System (TCIS) at US Air Force and US Army sites. In addition, we would like to seek private funding to help us in large-scale deployment of our two commercial products (Continuous Security Compliance (CSC) and Insider Threat Protection (ITP) products).