DEFEND IN DEPTH WITH EMBEDDED SECURITY

A single defense may be circumvented, but Red Balloon Security’s embedded protection suite delivers multiple layers of defense through host-based defenses.

Autotomic Binary Reduction (ABR) is an embedded security solution that removes unused features from binary embedded device firmware in order to reduce attack surface available to attackers.

Randomize memory and code

Increase the difficulty and time required to exploit a vulnerability. Expand the window for your vendors and users to react to vulnerabilities.

Binary Structure Randomization (BSR) is an embedded security solution that randomizes the code layout and data at a binary level across firmware images, defeating attacks that rely on knowledge of the code layout. 

Reduce exposure to vulnerabilities

Limit access to your devices and the tools available to an attacker if they gain a foothold. Reduce the patches and firmware updates needed to keep up with the growth of vulnerabilities in libraries and OS’s.

Deploy to firmware in minutes

Follow a standard device firmware build. Apply the security in minutes without R&D interactions, using the automated system.

The Frak appliance is utilized in the firmware build process to automatically apply FW Hardening (ABR & BSR) and inject the FW protection (Symbiote Suite).

No source code required*

Apply protection automatically to the final firmware without exposing intellectual property or disrupting device behavior and R&D resources. *Access to source code can accelerate the process.

REDUCE YOUR ATTACK SURFACE

Remove excess code, services and information from devices. Make them faster, more difficult to exploit and less susceptible to vulnerabilities from third-party libraries.

FIRMWARE HARDENING

FIRMWARE HARDENING

Continuously monitor in real-time for any modifications to critical conditions of the device, including corruption of device memory, control-flow, and processes. Symbiote embeds defensive payloads in device firmware to protect your firmware against attacks.

Protect and monitor memory & code paths

Monitor code and memory usage to detect attacks, regardless of the vulnerability, for protection against zero days.

Compliant with existing & future regulations

Embed security technology that supports the resiliency of your device firmware with runtime integrity protection at the host-level now and into the future.

DETECT ATTACKS AND RESPOND IN REAL-TIME

You choose to block, reboot or alert your team when an attack is detected. Deploy to your firmware in minutes without necessary access to source code as an OS-agnostic, real-time and host-based defense.

RUNTIME PROTECTION

RUNTIME PROTECTION

Simple deployment and integration

Integrate security events sent from your devices to existing SIEM systems. 

Independent security attestation

Offboard attestation of device security to increase resilience to complex, well-staged attacks.

Allow Symbiote payloads to publish alerts directly to a SIEM system via Syslog.

Deep level of forensics

Access a detailed analysis and characterization of attempted attacks. All alerts, forensic data and logs are directed to existing SIEM and IDS systems to report on security events.

The Advanced Embedded Security Ops (AESOP) analyzes telemetry data on security events continuously gathered from Symbiote payloads. This data provides offboard attestation for the highest level of device integrity assurance. AESOP also publishes alerts when the firmware integrity of Symbiote-protected devices are corrupted.

ANALYZE SECURITY EVENT FORENSICS

Access unified monitoring, alerts, and forensic analysis in real-time across all embedded devices deployed with the Symbiote Suite.

RUNTIME MONITORING

RUNTIME MONITORING

Operating system (OS) agnostic

Existing deployments include, but are not limited to: Linux, Android, Windows CE, VxWorks, QNX, Cisco IOS, Nuttx, Nucleus, ThreadX, RTA-OS, LynxOS.

Device platform independent

Existing Instruction Set Architecture (ISA) deployments include: ARM, ARM 64, ARM Thumb Mode, MIPS, PowerPC, x86, x64, AVR, MSP430, VLE. Additional ISAs can be supported.

COMPATIBLE ACROSS YOUR SYSTEMS

Red Balloon’s technology is OS-agnostic, supporting any OS and even systems with no operating system.

Attacks on embedded devices continue to increase in severity and impact, ranging from malicious updates, to control-flow hijacking, and memory corruption. Many believe doubling down on firewalls and limiting access to embedded systems will protect them, but comprehensive security requires host-based protection during runtime. 

THE NEED FOR EMBEDDED

DEVICE SECURITY

THE NEED FOR EMBEDDED DEVICE SECURITY

Customize for additional protections

Access leading embedded security teams to add additional device security as needed.

Accelerate security work while reducing risks

Complete key security architectures and features that complement Red Balloon Embedded Defense with experienced guidance.

ACCESS A DEDICATED SECURITY ENGINEER

Supplement existing security teams with a dedicated embedded security engineer assigned to each project, backed up by a world class team.

SECURITY CONSULTING

SECURITY CONSULTING

DEFEND YOUR EMBEDDED SYSTEMS