Technology
SCIT: Self-Cleaning Intrusion Tolerance
What is SCIT and how does it work?
Self- Cleaning Intrusion Tolerance is a patented technique for providing ultra-low intruder
persistence time. We constantly restore systems to a pristine state to remove malware and rob
intruders of the time needed to plan and launch attacks. SCIT does not require changes to existing
information systems, applications, or security protocols to deliver new high level of protection.
When intruders get in, you need to throw them out as quickly as possible without waiting to figure
out what they are up to. SCIT-MTD (SCIT Moving Target Defense) assumes that while intrusions are
inevitable, the bigger problem is that intruders are in your systems for a very long time watching
how your system works. Once they are in, they learn how your systems operate, where your most
valuable assets are located, and how to get your data out of your system under your security radar.
SCIT disrupts the hacker processes and makes it difficult for hackers to succeed.
How does SCIT-MTD work?
SCIT Moving Target Defense continuously changes the attack surface making it difficult to get in
and if they get in they do not have the time to continue and complete the attack. Using virtualization
technology, SCIT-MTD rotates pristine virtual servers and applications at configurable intervals as
low as every minute. Eventually every server will be taken offline, cleaned and restored to its
pristine state. The speed of rotation means, that the adversary won't be able to persist in the
system and exploit the vulnerability. If an attacker is able to place malware on a server, the
malware will be deleted without reliance on a detection processes. SCIT-MTD allows systems
to continue working through an attack with automatic and rapid recovery to a clean state.
SCIT-MTD enabled systems offer new protection from zero day vulnerability intrusions. SCIT- MTD's
ultra-low persistence time removes malware and cuts down the time intruders have to exploit
the risk. SCIT-MTD enabled systems are substantially more secure even if there are vulnerabilities
present because the timeframe that the attacker has to exploit the vulnerability is equal to the time
it takes to a trigger a new server rotation.