Innovative IT solution to tackle cyber crime

An ETH spin-off, xorlab, has ambitious plans: it has developed a unique IT security solution that provides more effective protection against hacker attacks. Now the product is about to undergo crucial trials in a real business environment.

Matthias Ganz, Marco Nembrini and Antonio Barresi (from left) founded the ETH spin-off company xorlab in 2015. (Photo: Xorlab)

A young company with just five employees needs a strong sense of conviction to challenge the technological dominance of the big players in IT security, such as IBM, Intel Security and Cisco. And that’s exactly what Antonio Barresi (CEO), Matthias Ganz (CTO) and Marco Nembrini (COO) from xorlab plan to do. Founded in July 2015, the ETH spin-off has developed a system that aspires to be far more reliable and cheaper than conventional solutions in protecting companies and governments from hacker attacks.

Acute sensitivity to normal activity

“Like real criminals, cyber criminals constantly adapt their behaviour to suit a changing environment”, explains Antonio Barresi, xorlab’s CEO. “That makes it difficult to detect an intruder in the system.” Most conventional security solutions watch for “suspicious activity” within an IT system that could point to unauthorised intrusion. By contrast, xorlab concentrates on screening the normal behaviour of applications. It performs this task so meticulously that it can spot any suspicious activity immediately. In this way, it is able to isolate malicious files and websites before they can compromise a company’s IT infrastructure.

The hardware developed by xorlab, a mini-server weighing 31 kilos, stands before the company’s actual server infrastructure as a front line of defence against potential hacker attacks via emails, PDFs, Word or Excel documents, or websites in general. If the system detects a PDF attachment attempting to smuggle in spyware, for example, it will open the attachment on another computer isolated from the main corporate network, and then scan it for threats. If a threat is detected, the file is immediately destroyed.

“During the first proof of concept a year ago, we managed to detect all the attacks made on a protected system – without triggering a single error message”, recalls Barresi. This last aspect is very attractive for companies, as every error message and suspicious activity report generates substantial extra costs. So does the software solution developed by xorlab represent a type of Holy Grail in the fight against hackers? Barresi puts it into perspective: “Our device is certainly a key component within the overall IT security infrastructure. But obviously we are not able to block every possible type of threat.”

From Venture Challenge to start-up capital

xorlab benefits from the exceptional know-how and expertise of the company’s founders. Barresi studied computer science at ETH and then worked as an IT risk manager at one of Switzerland’s leading banks, with spells as a security consultant and software developer as well. In 2013 he came back to work at ETH as a scientific assistant at the Laboratory for Software Technology. Together with another computer scientist at ETH, Matthias Ganz, and the ETH mathematician Marco Nembrini, he took part in the Venture Challenge start-up course in 2014 and drafted a preliminary business plan. “We had this intuitive feeling that we were on to a good idea: something that none of us had approached before in this way”, explains Barresi when asked about the motivation for setting up the company. At the start of the year the company eventually won the start-up competition organised by Venture Kick, pocketing the prize money of 130,000 Swiss francs.

On the verge of the first critical trials

xorlab’s innovative product might soon be in great demand: in recent years there has been a massive increase in the number of cyber attacks on companies and governments. The most recent victims include the German parliament, the U.S. Department of State, the bank HSBC and (just a few weeks ago) the Swiss technology company Ruag. Such attacks often cause damage running into millions. A study by Frost & Sullivan estimated that the market for IT security network applications, to which xorlab’s system also belongs, was worth more than 500 million US dollars in 2014, and is set to grow to around 3.5 billion US dollars by 2019. The first trials in a real-life business environment are now critical for deciding whether xorlab will soon become a partner for big multinationals and governments, as well as an investors’ favourite. According to Barresi, xorlab is already in talks with banks, financial institutions and educational establishments. Swisscom has also recently announced it is thinking about setting up a pilot system with xorlab. The first practical experiences with the system will decide whether the young company will actually be in a position to compete with the IT industry giants.

With this device, Xorlab wants to make cyberspace a safe place. (Photo: Xorlab)