Ceedo

Last updated
Ceedo Technologies (2005) Ltd.
Type Private
Industry Computer software
Founded2005
Headquarters
Key people
Dror Wettenstein, Founder;
Assaf David, CEO
ProductsMalwareLocker, Ceedo Cloud Management System
Website www.ceedo.com

Ceedo is a cybersecurity company based in Netanya, Israel. Ceedo uses software virtualization technologies to create application containers, claiming to eliminate or reduce endpoint security threats like viruses or ransomware.

Contents

History

Ceedo Technologies was originally founded as a software virtualization platform by Dror Wettenstein in 2005. Since then, Ceedo has been using virtualization technology to make productivity tools for individual and enterprise use. In recent years, the company has followed the rising global trend of employment of virtualization in cybersecurity [1] and shifted its focus to that industry.

Ceedo Personal

Ceedo Personal was a portable operating system that allowed users to carry applications on portable media (such as USB flash drives and pocket hard drives), running them inside a virtual environment, while using resources from the host PC (screen, processing power, drives, internet connection, printers). Applications were launched in an independent environment, allowing them to run regardless of the specific settings of the host computer.

Ceedo Personal has been licensed by consumer storage vendors including Lexar, [2] Seagate, [3] Verbatim, Maxell, ExcelStor, Venzero and others. The product has been pre-bundled on millions of devices and sold worldwide.

Ceedo Personal has often been compared to another product, U3, similar in both appearance and functionality.

Ceedo Enterprise

Introduced in 2008, [4] Ceedo Enterprise was a version of Ceedo platform designed for business use and included remote management capabilities. Ceedo Enterprise was designed to be carried primarily on encrypted hardware and could have been customized and pre-configured.

Ceedo and Citrix partnered in 2008 to create a portable version of the Citrix XenApp client. [5]

Cybersecurity

After several years of hiatus, Ceedo resumed operations in 2016. The company continued developing virtualization technologies, with focus switched to cybersecurity.

Ceedo has several patents pending for its virtualization technology.

Technology

Ceedo claims to protect computers from being compromised (from both known and unknown malware threats, including zero-day attacks) by using application containers. Such application containers create isolation barrier between potentially vulnerable application (like web browsers) and the host system.

Application containers

Ceedo utilizes application containerization technology and context-based access controls to isolate web-facing applications and attempt to completely separate all untrusted content from the host. Potential malware execution is privilege-restricted that way and confined only to the isolated container created by Ceedo.

Ceedo's context-based approach determines context by looking at the security classification of the application/process requesting to operate on a file, the file on which it is requesting to operate, and the nature of the operation (i.e. read/write). From this context, Ceedo derives the permissions it will allow the requesting application/process, the boundaries of the security container that encapsulates its execution and the isolation policies applied to its boundaries with the host system.

Ceedo containers exist solely on the host and use only local resources.

Similar solutions

Companies like Symantec and Bromium use similar containerization technologies for their products. [6]

MalwareLocker

Ceedo Enterprise
Developer(s) Ceedo
Operating system Windows 7 SP1, Windows 8.1, Windows 10
Available inEnglish
Type application virtualization, computer security
License commercial / closed source
Website http://www.ceedo.com

MalwareLocker is currently the only Ceedo product.

It uses Ceedo application containers to create an isolated virtual environment and a security perimeter around the application and related data. Users can continue to use protected applications as they otherwise would, while all interactions between the application and the host computer are filtered through intelligent security checkpoints that ensure potential threats are confined to the container. The outcome is a protection measure that can be effective against all malware infections and is not dependent on threat detection.

MalwareLocker is primarily sold to enterprises, and is used to protect their employees against web-borne threats. It is also used to secure endpoints from threats potentially coming from removable media or network.

Content Disarm & Reconstruction

Ceedo claims to have a partnership with leading firms in Content Disarm & Reconstruction field. This technology is used to supplement Ceedo containers and allow users to safely transfer files downloaded from the Internet.

Ceedo Cloud Management System

Ceedo Cloud Management System is a web-based management system that is sold together with MalwareLocker, allowing administrators to compose and configure policies for MalwareLocker units and assign them to remote users from a central location.

See also

Related Research Articles

Thin client Non-powerful computer optimized for remote server access

In computer networking, a thin client is a simple (low-performance) computer that has been optimized for establishing a remote connection with a server-based computing environment. The server does most of the work, which can include launching software programs, performing calculations, and storing data. This contrasts with a rich client or a conventional personal computer; the former is also intended for working in a client–server model but has significant local processing power, while the latter aims to perform its function mostly locally.

Citrix Systems American software company

Citrix Systems, Inc. is an American multinational cloud computing and virtualization technology company that provides server, application and desktop virtualization, networking, software as a service (SaaS), and cloud computing technologies. Citrix products are claimed to be in use by over 400,000 clients worldwide, including 99% of the Fortune 100, and 98% of the Fortune 500.

Xen Type-1 hypervisor

Xen is a type-1 hypervisor, providing services that allow multiple computer operating systems to execute on the same computer hardware concurrently. It was originally developed by the University of Cambridge Computer Laboratory and is now being developed by the Linux Foundation with support from Intel, Citrix, Arm Ltd, Huawei, AWS, Alibaba Cloud, AMD, Bitdefender and epam.

A hypervisor is computer software, firmware or hardware that allows partitioning the resources of a CPU among multiple operating systems or independent programs. IBM coined the term hypervisor for the 360/65 and later used it for the DIAG handler of CP-67. The contemporary usage is for virtual machine monitor (VMM) or virtualizer. It is computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems. Unlike an emulator, the guest executes most instructions on the native hardware. Multiple instances of a variety of operating systems may share the virtualized hardware resources: for example, Linux, Windows, and macOS instances can all run on a single physical x86 machine. This contrasts with operating-system–level virtualization, where all instances must share a single kernel, though the guest operating systems can differ in user space, such as different Linux distributions with the same kernel.

OS-level virtualization is an operating system (OS) paradigm in which the kernel allows the existence of multiple isolated user space instances, called containers, zones, virtual private servers (OpenVZ), partitions, virtual environments (VEs), virtual kernels, or jails. Such instances may look like real computers from the point of view of programs running in them. A computer program running on an ordinary operating system can see all resources of that computer. However, programs running inside of a container can only see the container's contents and devices assigned to the container.

Application virtualization is a software technology that encapsulates computer programs from the underlying operating system on which they are executed. A fully virtualized application is not installed in the traditional sense, although it is still executed as if it were. The application behaves at runtime like it is directly interfacing with the original operating system and all the resources managed by it, but can be isolated or sandboxed to varying degrees.

Symantec Endpoint Protection Computer security software

Symantec Endpoint Protection, developed by Broadcom Inc., is a security software suite that consists of anti-malware, intrusion prevention and firewall features for server and desktop computers. It has the largest market-share of any product for endpoint security.

In computing, virtualization or virtualisation is the act of creating a virtual version of something at the same abstraction level, including virtual computer hardware platforms, storage devices, and computer network resources.

Malwarebytes Internet security company

Malwarebytes Inc. is an American Internet security company that specializes in protecting home computers, smartphones, and companies from malware and other threats. It has offices in Santa Clara, California; Clearwater, Florida; Tallinn, Estonia; Bastia Umbra, Italy; and Cork, Ireland.

Kaspersky Lab Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

XenClient is a desktop virtualization solution from Citrix that runs secure virtual desktops on endpoint devices. Desktops are run locally, without hosting applications or the operating system in a datacenter. It consists of a Type-1 Xen client hypervisor and a management server, which provides features such as centralized provisioning, patching, updating, monitoring, policy controls, and de-provisioning. It enforces security through features including AES-256 full disk encryption, VM isolation, remote kill, lockout, USB filtering, and VLAN tagging. XenClient supports use cases such as disconnected operation on laptops, limited connectivity environments, and other use cases where use of local execution is desired and centralized management is required.

Palo Alto Networks American technology company

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. Its core products are a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference.

Bromium was a venture capital–backed startup based in Cupertino, California that worked with virtualization technology. Bromium focused on virtual hardware claiming to reduce or eliminate endpoint computer threats like viruses, malware, and adware. HP Inc. acquired the company in September 2019.

Citrix Workspace is a digital workspace software platform developed by Citrix Systems. Launched in 2018, it is Citrix Systems' flagship product. Citrix Workspace is an information retrieval service where users can access programs and files from a variety of sources through a central application or a Web browser. In addition to Citrix Virtual Apps and Desktops, Citrix Workspace services include Citrix Endpoint Management, Citrix Content Collaboration, Citrix Access Control, microapp capabilities, usage analytics, and single sign-on capabilities to SaaS and Web apps.

Citrix Virtual Apps is an application virtualization software produced by Citrix Systems that allows Windows applications to be accessed via individual devices from a shared server or cloud system.

Digital Guardian

Digital Guardian is an American data loss prevention software company that produces products designed to detect and stop malicious actions by users and malware on endpoints. Digital Guardian provides software both at the end-user level and in corporate networks, servers, databases, and the cloud. These products are designed to detect and stop malicious actions by users and malware on endpoints. It puts data events into context and applies a granular set of rules to protect it against threats.

Citrix ADC is a line of networking products owned by Citrix Systems. The products consist of Citrix ADC, an application delivery controller (ADC), NetScaler AppFirewall, an application firewall, NetScaler Unified Gateway, NetScaler Management & Analytics System, and NetScaler SD-WAN, which provides software-defined wide-area networking management. NetScaler was initially developed in 1997 by Michel K Susai and acquired by Citrix in 2005. Citrix consolidated all of its networking products under the NetScaler brand in 2016.

Browser isolation is a cybersecurity model which aims to physically isolate an internet user's browsing activity away from their local networks and infrastructure. Browser isolation technologies approach this model in different ways, but they all seek to achieve the same goal, effective isolation of the web browser and a user's browsing activity as a method of securing web browsers from browser-based security exploits, as well as web-borne threats such as ransomware and other malware. When a browser isolation technology is delivered to its customers as a cloud hosted service, this is known as remote browser isolation (RBI), a model which enables organizations to deploy a browser isolation solution to their users without managing the associated server infrastructure. There are also client side approaches to browser isolation, based on client-side hypervisors, which do not depend on servers in order to isolate their users browsing activity and the associated risks, instead the activity is virtually isolated on the local host machine. Client-side solutions break the security through physical isolation model, but they do allow the user to avoid the server overhead costs associated with remote browser isolation solutions.

Citrix Virtual Desktops is a desktop virtualization product.

Containerization is operating system-level virtualization or application-level virtualization over multiple network resources so that software applications can run in isolated user spaces called containers in any cloud or non-cloud environment, regardless of type or vendor.

References

  1. Babu Tharayanil, Midhun; Whitney, Gill; Aiash, Mahdi; Benzaid, Chafika (2015-08-22). "Virtualization and Cyber Security: Arming Future Security Practitioners". 2015 IEEE Trustcom/BigDataSE/ISPA. pp. 1398–1402. doi:10.1109/Trustcom.2015.537. ISBN   978-1-4673-7952-6. S2CID   33127135.
  2. Pogue, David (2006-06-15). "A Flash Drive That Holds Your Computer". The New York Times. ISSN   0362-4331 . Retrieved 2022-07-28.
  3. Patrick Schmid (2007-04-12). "2.5" External HDD Spring Fever". Tom's Hardware. Retrieved 2022-07-28.
  4. Ceedo Enterprise announcement: "Ceedo Launches an Application Virtualization Solution for the Enterprise" . Retrieved 2009-05-20.
  5. Ceedo and Citrix announcement: "Ceedo Announces Ceedo Enterprise for Citrix XenApp" . Retrieved 2009-05-20.
  6. "The Bromium Security Hypervisor -- Virtualization Review". Virtualization Review. Retrieved 2018-10-15.