Search this site

The variety and complexity of cyber attacks is increasing.  The attackers have a strong economic and political motivation thus leading to organized and targeted attacks.  We have concluded that intrusions are inevitable, and have focused on strategies to work through the attack while limiting the losses.  Our approach, called Self Cleansing Intrusion Tolerance (SCIT), leads to the next generation of secure servers. SCIT shifts the focus from intrusion avoidance to reducing the losses resulting from an intrusion.  SCIT servers are available for pilot projects and incorporation into your production enterprise systems.

From reports of recent breaches, it has become clear that intruders were in the system for long periods.  Not only did the IDS/IPS fail to prevent the intrusion, these systems were not able to detect the presence of the intruder.  To illustrate this point, we refer to the following data breach reports:

  • Verizon DBIR focuses on 90 studies conducted in 2008. 285 million consumer records were compromised. The average Intruder Residence Time (time between system compromise and breach containment) was more than 28 days.
  • Network Solutions breach was investigated in June - July 2009 resulted in 600,000 records compromised and the data loss took place between March 12, 2009 and June 8, 2009.
  • Wyndham Hotels breach was detected in January 2010, with an estimated start date of October 2009.
From these incidents, we conclude that the current cyber defenses cannot protect against customized malware and other zero day attacks and intruders are resident for many weeks. Any strategy that will mitigate the effects of the attack would be useful, and if the breach duration is reduced it would lead to reduced data loss. SCIT deliberately focuses on reducing the data loss and we dramatically reduce the  records ex-filtrated because of malicious activity.

How SCIT Technology Works


Using virtualization technology, SCIT rotates pristine virtual servers and applications every sixty seconds or so.  In the graphic above, five online virtual servers (shown in red) are processing transactions while three offline servers are being cleaned and restored to a pristine state. Every minute a pristine “green” server is swapped out with a “red” server and the SCIT process begins again.




What's New

June 2010

SCIT Labs is the overall winner of the Global Security Challenge and CNI-Expo sponsored Security Technologies of Tomorrow Challenge.









  Sign in   Recent Site Activity   Terms   Report Abuse   Print page  |  Powered by Google Sites