Who’s Guarding the Guards? V.i. Labs’ CodeArmor Helps ISVs and Enterprise Companies
Meet PCI Compliance for Application Protection
Company uses RSA Conference 2008 as Venue to Highlight Need to Protect Applications
against Tampering and Reverse Engineering
RSA Conference 2008
Moscone Center, April 7-10
Booth 153
San Francisco, CA — April 7, 2008 - V.i. Laboratories, Inc. (“V.i. Labs”),
a provider of software protection solutions for securing high-value and mission-critical
applications, is using the RSA Conference 2008 to demonstrate how security software
vendors and enterprises need to protect their applications against tampering and
reverse engineering. By hardening their applications that protect sensitive customer
information, organizations can further comply with data security standards such
as PCI and Sarbanes-Oxley.
“A majority of this year’s RSA Conference exhibitors are security vendors that offer
compliance, authentication, data encryption, and access control software products
used by enterprises to comply with the PCI Data Security Standards and other mandates,”
said Victor DeMarines, VP of Products at V.i. Labs. “However, these solutions are
at risk themselves to be subverted by malware and code tampering, which can lead
to customer data or sensitive information being compromised – the very thing they
are trying to guard against.”
CodeArmor™ allows security software vendors and enterprise application providers
to harden their application code from the risks of tampering and reverse engineering
and better guard sensitive customer data and comply with customer and industry application
hardening requirements.
Paramount Defenses Inc.,
a “Top 10 Innovator” at RSA Conference 2007, recognized the need for code protection
for its own use. Paramount develops security assessment solutions that empower organizations
to identify and eliminate excessive access-based vulnerabilities before they can
be exploited to inflict damage.
“More than 85 percent of organizations worldwide run on Microsoft’s Active Directory,
and the patent-pending capability of our access assessment product, Gold Finger,
instantly and accurately determines who has access to vital IT assets across an
Active Directory deployment,” said Sanjay Tandon, CEO and Founder of Paramount Defenses.
“It is critical that we guard our sensitive algorithms from both competitors and
malicious users that may want to subvert our technology. We chose V.i. Labs’ CodeArmor
because it provides a comprehensive defense against reverse engineering, and offers
an easy way to embed the security into our existing software without impacting the
development process.”
Enterprise organizations and multinational corporations face a similar problem.
A bank may develop custom applications for its customers as a value-added service
and to gain additional revenue. However, the applications may be used in branch
locations where less security expertise and network protection capabilities are
available, especially when deployed in countries where piracy and reverse-engineering
is rampant. The danger is even higher when applications built in .NET are deployed.
“Applications developed using Microsoft’s .NET platform are particularly at risk
because the deployed software can be easily decompiled into source code and lead
to exploits that could expose customer data,” DeMarines said. “This is especially
true with any application that must be deployed outside the firewall, distributed
to partners, or deployed at client sites.”
CodeArmor Helps Companies Meet Stringent PCI Requirements
The PCI Data Security Standard version 1.1 is a set of comprehensive requirements
for enhancing payment account data security intended to help organizations proactively
protect customer account data. CodeArmor for PCI addresses
Requirement 6:
(“Develop and maintain secure systems and applications”) which is normally focused
on web-facing applications, but protection is also needed when software or services
are hosted externally or deployed in third party networks or machines. Hardening
applications provides security capabilities including:
- Preventing software from being decompiled and reverse engineered to subvert the
applications’ access controls and gain access to customer data
- Protecting the underlying source code within Microsoft .NET applications
- Continuously monitoring the operating environment to prevent DLL injection and malicious
software threats
- Guarding against the tampering of application components
CodeArmor actively protects the deployed software and hardens it independent of
the network or machine it runs on. CodeArmor’s active code protection and execution
monitoring functionality is embedded within the software binaries itself and makes
the application self-protected.
CodeArmor for Windows and Microsoft .NET is available immediately. Pricing starts
at $18,500 per enterprise application and subscription-based pricing is available
for Application providers and Independent Software Vendors.
About V.i. Laboratories (V.i. Labs)
V.i. Labs provides software protection solutions that protect against the misappropriation
and theft of intellectual property resident in software applications. Through V.i.
Labs’ patent-pending technology, software vendors, embedded system providers, enterprise
organizations and government agencies are able to easily secure their software against
the threat of piracy, tampering and theft, independent of where the applications
are distributed. V.i. Labs is privately held and is headquartered in Waltham, MA.
For more information please visit
www.vilabs.com.
©2008 V.i. Laboratories, Inc. All rights reserved. V.i. Labs, CodeArmor and the
V.i. Labs logo, are trademarks of V.i. Laboratories, Inc. All other product and
brand names herein are trademarks or registered trademarks of their respective owners.
Contacts:
Michael Goff
V.i. Laboratories, Inc.
781.398.3451
mgoff@vilabs.com
Aidan Bradley/Randi Sussman
PAN Communications
978.474.1900
vilaboratories@pancomm.com