Public Relations

Asgent IoT/ Connected Car Solutions Partner Karamba Expanded Functions
〜 Realize total security from the development/testing to the operation of IoT products 〜

Apr 12, 2021
Asgent, Inc.
(JASDAQ: 4288)

  Karamba Security (CEO & Co-founder: Ami Dotan Location: Israel) sold by Asgent, Inc., which mainly provides security and SOC services (Location: Chuo-ku, Tokyo; C.E.O.: Takahiro Sugimoto, JASDAQ:4288; hereafter, Asgent) announced Karamba's Total IoT Security as a new solution that expands functions from embedded control in IoT equipment to fragility analysis of codes and monitoring.
  Note that Karamba's Total IoT Security will be exhibited on real-world Interop Tokyo 2021 (April 14 to April 16, 2021: Makuhari Messe) at the Asgent booth (3U15) and on-line (April 19 to April 23, 2021) at our website.

[Efforts to Strengthen Regulations on IoT Equipment]
  "Things," which had not been connected to the Internet or other network until now, has a communication function, and IoT (Internet of Things), which operates by connecting to a network, is rapidly spreading, and cyber-attacks on IoT equipment are continuing to grow. As a result of these environmental changes, legislation for security measures for IoT devices is progressing in Europe and the United States. In Japan as well, in the cyber security strategy decided by the cabinet, there are movements toward enactment of laws as well as the establishment of guidelines to consider cyber security measures for IoT equipment. Especially, there is a strong movement to seek to strengthen measures throughout the product life cycle, from the security design at the time of product development to the monitoring of operations after shipment.

[Karamba's Total IoT Security Solutions]
  Karamba's Total IoT security has been newly released as a total security solution that can be seamlessly applied throughout the lifecycle of IoT products by 1. XGuard Protect, an autonomous security product that prevents equipment embedded software from cyber-attacks, 2. Vcode to visualize risks through code vulnerability analysis as a secure development platform, and 3. XGuard Monitor to realize large-scale IoT security monitoring.
  By integrating security solutions for development and operation into XGuard, which has already been installed in 12 million IoT devices worldwide, we can provide not only security measures for products, but also consistent security from the product development/testing stage to the operation delivery stage.
  For IoT equipment and transport vehicles, etc., which are already in operation, the security status can be monitored without modifying the firmware by adding 3. XGuard Monitor agents when updating the firmware^*2 using the OTA^*1 function. This allows EDR operation to monitor attacks over the network, effectively implementing security measures for existing IoT equipment and running vehicles, etc., which had previously been difficult to take.

1. Characteristics of XGuard Protect
- Embedded Runtime Integrity Automatically Enhances Connected System Security
- Protect against a variety of attacks, including file and script droppers, as well as fileless attacks that exploit memory vulnerabilities such as buffer overflow
- Control Flow Integrity (CFI) and Application Whitelist to protect against attacks that exploit zero-day or other vulnerabilities and prevent false positives
- The runtime layer complements static code analysis to protect against state-of-the-art attacks on mission-critical connected systems such as network devices

2. Characteristics of Vcode
- Visualization of security issues by performing binary analysis on firmware of IoT equipment
- Consider priorities based on platform-specific information and propose solutions
- Management of security level and progress, and verification of compliance using checklists, and report
- Easy to link with continuous integration/continuous design (CI/CD) pipeline
- Installable as a virtual machine in on-premises and cloud environments (provided image files)

3. Characteristics of XGuard Monitor
- Agents collect OS, AP, NW, and other events and detect predictive failure in AI-based correlation analysis.
- Supports millions of deployed devices by minimizing event noise and reducing throughput by more than 90%
- Extensive threat detection and analysis by comparing the operation of IoT devices with predefined policies, historical baselines, profiles of similar devices, etc.
- Integrate logs and events with key SOC devices through a well-defined API
- Provided as a cloud SaaS solution
- Adding an agent to a target device allows you to implement security monitoring without modifying the firmware

[Karamba Securit]
Karamba Security is a leading manufacturer of embedded security that provides industry-leading embedded cyber security solutions for connected devices. Automotive, Industry 4.0, Enterprise Edge, and IIoT(Industrial IoT) manufacturers use Karamba goods and services to seamlessly protect connected devices from RCEs (Remote Code Executive) and command injection. More than 50 companies, including Fortune100, automotive OEMs, and Tier-1, are adopting or considering Karamba solutions, and connected device manufacturers are confident in Karamba's many award-winning solutions that protect customers from cyber threats. URL: www.karambasecurity.com

*Company and product names are the trademarks or registered trademark of the respective companies.