Wave Systems Uses Security Chip to Detect and Mitigate Malware and APTs

Endpoint Monitor Provides the Foundation for Granting Access to Networks and Cloud Services From only Known Devices, Verified to be Free of Malware

Wave Systems has pulled the cover off of a new solution aimed at fighting advanced persistent threats (APTs).

Its answer is Wave Endpoint Monitor. The company is demonstrating the technology this week at the 2nd Annual NSA Trusted Computing Conference in Orlando, Fla. Wave Endpoint Monitor uses the Trusted Platform Module (TPM) embedded in PCs to detect APTs by scanning a system’s environment before the operating system loads for anomalous behaviors associated with malware. If anomalies are detected, IT is alerted immediately with real-time analytics, according to the company.

“To protect against today’s advanced threats, it’s critical to have a strong foundation of trust in all endpoint devices,” commented Steven Sprague, Wave’s CEO and President, in a statement. “That starts by knowing that your PC has not been changed by a third party — and is free of malware in the BIOS — and extends to verifying the identity of the device.

Wave Endpoint Monitor gives IT a powerful tool to collect, manage and analyze pre-OS health information, and to leverage the advanced hardware trust enabled by the TPM.” Wave Endpoint Monitor leverages the TPM to measure system integrity, and the information provided by the product can be used by enterprise networks, servers and cloud services to ensure only known devices are connected to critical applications and sources of sensitive data, according to the company.

Key features of Wave Endpoint Monitor include:

• Captures verifiable PC health and security metrics at system boot (before the operating system loads).

• Securely reports the PC health data for central reporting and analysis (ensuring the data came from a ‘known’ device).

• Alerts IT administrators to potential threats to a system.

• Provides configurable reporting and query tools.

• Compatible with the millions of platforms with any TPM; a distinct advantage over solutions tied to a single brand of chip or chipset.

• Provides the foundation upon which network connect decisions are based.

The solution is compatible with all Windows XP, Vista and WIN7 operating systems and supports all commercially available TPMs, and is slated to be commercially available by the end of the year.

While not all sytems support the Trusted Platform Module (TPM), the technology is included on many business-class PCs from Dell, HP and Lenovo as part of their standard hardware configurations. Hundreds of millions of TPM-equipped systems have already been shipped to date.