How Trust Lockdown 6-Factor Zero-Trust Works
The White Cloud Security (WCS) Zero-Trust App Security applies its U.S. Patent No. 9,589,130 cyber-metric handprint technology, utilizing six-factor authentication to ensure robust security for both software components accessing computer resources and the data files being targeted. This method involves the use of five hashes (or fingerprints) along with file length (referred to as a "handprint") to accurately identify software, thereby applying applicable policies at endpoint agent in the Trust Lockdown system. This approach provides both Zero-Trust App Security.
WCS Blocks AI Generated Polymorphic Malware
Due to Trust Lockdown's methodology of protection, it blocks next-generation AI-generated polymorphic malware. It uniquely identifies each file based on its exact filestream content rather than patterns that can be changed by polymorphic techniques. Using this with a Default-Deny strategy, only files that match approved "handprints" are allow to run, everything else is blocked. By matching these factors against a Trust-List, White Cloud Security ensures that only approved files can execute, effectively preventing malware, including AI-generated mutations. This also prevents the use of unauthorized sofware and IT tools, even by Windows administrators with root level privileges.
flowchart TD
A[Software Component Request] --> B{6-Factor Authentication}
B -->|SHA-1| C[Generate Hash]
B -->|SHA-256| D[Generate Hash]
B -->|SHA-512| E[Generate Hash]
B -->|MD5| F[Generate Hash]
B -->|CRC32| G[Generate Hash]
B -->|File Length| H[Check File Length]
I[Compare with Trust List] --> J{Trusted?}
C & D & E & F & G & H --> I
J -->|Yes| K[Apply Appropriate Policy]
J -->|No| L[Deny Access]
K --> M[Allow Access]
L --> N[Block Access]
Key Aspects of the Zero-Trust App Security Model
Trust-Listing Technology
Unlike traditional blacklisting or even whitelisting methods, trust-listing involves a more dynamic and precise way of controlling which applications can run and which files can be accessed. This method involves maintaining a list of trusted software, with strict control over what can be added to these lists and who can change them.
6-Factor Authentication Using Hashes and File Length
The system employs a combination of five different hashing algorithms (SHA-1, SHA-256, SHA-512, MD5, and CRC32) along with the file length. This multi-hash approach increases the accuracy of identifying software files. Hashing algorithms generate unique digital fingerprints for files, making it extremely difficult for malicious software to mimic or alter files without detection.
Hashing Algorithms:
- SHA-1, SHA-256, SHA-512: Part of the Secure Hash Algorithm family, widely used for secure data integrity verification.
- MD5 and CRC32: Older but still common hashing algorithms, offering additional layers of verification.
Application of Appropriate Policies
Once the system accurately identifies software files, it applies predefined policies to control how these entities can interact. This includes determining which applications are allowed to run on the endpoint, even by privileged users.
Zero-Trust App Security
The principle of "Zero Trust" in application security means that no software is trusted by default, even if it is inside the network perimeter. Every application must prove its legitimacy before it can execute or access resources.
Benefits of the Multi-Layered Zero-Trust Approach
This multi-layered, zero-trust approach to application security helps significantly reduce the risk of data breaches, insider threats, and malware infections, including sophisticated ransomware attacks. By rigorously controlling and monitoring which applications can run, WCS's Zero-Trust App Security provides a robust security framework for protecting critical digital assets in an organization.