A critical part of any IT system is that applications perform correctly, that is to say, with integrity. Sometimes, application integrity can be accidentally broken: executable files or libraries may be changed or deleted, which will cause the application to be unstable.
However, a bigger threat to application integrity comes from the Internet and cybercriminals. Application integrity that is compromised as a result of hacker attack, malware intrusion or other unauthorized access to an application’s code can literally kill a business. In these cases, loss of application integrity can result in the theft of sensitive data (passwords, credit card numbers, or other information that may be exploited), or computers being hijacked and used as proxies to send out spam.
When application integrity is compromised, so is the business. When you maintain application integrity, you maintain not only a functional network but an organization that’s in compliance with data protection legislation. When an organization falls out of compliance due to application integrity issues, the business is open to lawsuits, bad publicity, hefty fines, loss of revenue, and shareholder and customer dissatisfaction.
The first step towards establishing and maintaining application integrity, is to create a snapshot of the application’s known-good state, and update that snapshot every time an authorized change or update is made to that application. Second, the application files must be protected from unauthorized changes by other processes. And third, the application must be compared to that snapshot every time it is launched and, if it differs, the launch must be stopped and the administrator must be alerted, because the application integrity is broken.
The VIPO (Valid Inside Permitted Operations) technology used in SafenSoft’s products effectively preserves application integrity by monitoring and processing all system activity for unexpected and/or unauthorized behavior.
SafenSoft products seamlessly provide application integrity protection for both everyday and specialized, high-risk applications through:
The VIPO technology ensures malware and hackers cannot access or tamper with the way systems function, ensuring application integrity is maintained. System profiles, which comprise a collection of application snapshots and other unique identifiers, are created for all applications installed on known-clean machines.
SafenSoft SysWatch with VIPO technology controls all attempts to launch applications. New or changed applications can be blocked from launching if their exact snapshots in the form of checksums are not present in the system profile. SysWatch prevents vulnerabilities from being exploited by using this and other application integrity checks and launching potentially vulnerable applications in a secure environment with limited privileges. SysWatch also uses this application integrity technique to manage device integrity.