Our revolutionary Endpoint Security stops malware from becoming resident on a device.

This means inherent weaknesses or vulnerabilities of the operating system cannot be exploited by hackers. As well as stopping malware from executing, this approach offers system managers the opportunity to patch their devices after thoroughly testing the patch, rather than as an emergency move, which can have undesirable side effects.

Another attractive feature for corporate environments it our ability to protect legacy operating systems such as Windows XP and Windows Server 2003 that are no longer in extended support from Microsoft.  Our endpoint security also offers proven protection for legacy estates containing Windows Servers and Workstations as old as NT4. It works on all MS systems. It is also available for Redhat Linux (and can be adapted for other Linux/UNIX systems on request).

Future versions of our endpoint security product will protect Windows Mobile and Android, and through the Google Brillo platform and Weave language, the Internet of Things (IoT).

Similarly, SCADA and embedded operating systems can be protected and extended past the predicted end of use.

There is no end-user impact nor reduction in capability of approved systems and applications. This is not a whitelisting solution that is reliant on MD5 or SHA1 or another hashing function.

The solution scales and integrates well in complex security environments with no performance impact. No updates, no signatures, no cloud liaison is required.

The software self-protects, is hardened, and is tiny. It is simple to administer in large scale environments (very low FTE requirement) and has excellent reporting qualities. No False Positives or Negatives are generated, something that’s essential when providing SIEMs with actionable intelligence with no operational requirement to share with Third Parties.

This endpoint security solution can be installed initially in ‘learn’ mode with no risk to the organisation. This mode allows the organisation to gather intelligence about the environment and pinpoint any unacceptable pieces of code that are breaching existing defences. This allows the organisation to craft a suitable security policy and, at the flick of a switch, enforce the policy from the Centre – thus taking back control of the environment.

Over time, any existing malware on the system will be discovered and eradicated, and no new malware will get onto the system – therefore the system will become cleaner and cleaner and faster and faster.

Thoroughly tested – 100% success


Highly respected third parties such as BAE Systems, Lockheed Martin, ENEX TestLab and ATOS have thoroughly tested and measured a 100% success rate for our endpoint security product against any attack writing to persistent storage regardless of system privilege. The software also secures valuable IP, client data, corporate reputation and shareholder value.

Our technology prevents both external and internal threat vectors/surfaces from being the conduit to enabling malware to become persistent on your endpoints. Known or unknown, Zero Day or APT, whether simple, sophisticated or encrypted they are all prevented.

Defence Against CryptoLocker and Other Ransomware

Cyber crime is predicted to reach $2 trillion by 2019. Ransomware is growing at 350% per year and is predicted to cost $5 billion in 2017. Numerous victims were left with no choice but to pay the extortionists or lose sensitive corporate information. Our endpoint security stops all these attacks.

Lockheed Martin Evaluated Us

“High confidence found in this robust and stable anti-malware technology… effective at stopping all attempts to write malware to the permanent storage of the devices, regardless of system privilege” Lockheed Martin’s NCITE (UK) team evaluated our technology  to establish its “Green” (energy saving) credentials and discovered it saves 7% of the electricity consumed by the device – equivalent to $60 per server per year.

How does it work?


This host-based software-only solution is implemented as a kernel driver on Windows platforms. It intercepts and mediates file write access to the computer’s permanent storage e.g. local hard disk, network shares and removable storage devices such as USB stick and external disk.
It is designed to help enforce system and file integrity without complex management overheads. It achieves this security objective by exercising robust access control over the writing of executable files and user-defined files (protected files) to a computer.
It protects against unauthorised modification and denies unauthorised write operations.
While our endpoint security blocks unwanted executables by default, the system administration can define files for integrity protection according to the computer’s roles. Ideally, it should be deployed on a newly installed ‘clean’ operating system. From this secure initial state (baseline), it will prevent malware infection going forward.
For most corporate environments, the endpoint security is rolled out at stages and there may be pre-existing undetected infections on systems – often referred to as Advanced Persistent Threats (APTs). Our unique operation and extensive audit log allows such malware to be identified. It can also reveal rootkit infections and facilitates the subsequent removal of such programs.