Capsule8 has unveiled the beta version of the Capsule8 Open Source Attack Detection Sensor. The new Open Source Sensor is used as part of the Capsule8 Protect platform and will facilitate real-time detection of Linux-based attacks.
The company has also announced that it is providing open source proof-of-concept code for the first fast, efficient detection of the Intel Meltdown vulnerability, with minimal false positives.
“Remediation works but it’s painful in terms of time and resources required. The necessary upgrades lead to huge cost and stability risk,” said Dino Dai Zovi, co-founder and CTO of Capsule8.
The Capsule8 Open Source Sensor is built to support efficient gathering of system level telemetry, much like the commonly used auditd, but built for performance under load. Currently, Capsule8’s Protect platform is in beta mode. It uses the sensor to do real-time attack disruption, enabling people to detect zero-day attacks and respond to them in real time.
Anyone using the Capsule8 Open Source Attack Detection Sensor can build their own attack detection strategies. As an example, the company has provided a detection strategy for the recent Meltdown vulnerability under an Apache license.
The sensor works on any out-of-the-box version of Linux, dating back to the Linux 2.6 kernel.
“Now, organisations can specifically detect attempts to exploit these problems, giving them the ability to monitor for the problem and respond in real time, up until they’re able to remediate appropriately,” said John Viega, co-founder and CEO of Capsule8.