Bessemer Venture Partners, Mayfield and US Venture Partners led the round. Determina is based in Redwood City, California, but uses technology developed by the company’s co-founders at the Massachusetts Institute of Technology.
According to CEO Nand Mulchandani, the new SecureCore software works by knowing the parts of the computer’s memory that applications are allowed to execute code, and preventing them executing code in other protected areas.
The attractive proposition about the software is that it does not require signature or definition updates, or any policy or rule-writing on behalf of the user, according to Mulchandani.
Memory attacks are those that exploit an application vulnerability to put malicious code in memory and force the computer to execute it. The most commonly known of such attacks is the buffer overflow, as used by many recent worms.
Mulchandani said all of the Windows vulnerabilities rated Critical by Microsoft over the last two years have been those that permitted memory attacks. SecureCore can prevent all of these vulnerabilities from being exploited, even on unpatched systems, he said.
Some of these problems are expected to be mitigated by so-called NX or no-execute technologies, which protect against buffer overflow attacks and are supported in AMD’s 64-bit processors, Intel’s forthcoming Prescott chips and Microsoft’s Windows XP Service Pack 2.
But Mulchandani said NX will only protect against a subset of the memory attacks Determina protects against, and that for NX to be effective the hardware has to be deployed and applications rewritten to support it, meaning there’s still a market opportunity here.
