fbpx
Feature Comparison Matrix2018-06-19T01:20:05+00:00

Feature Comparison across Cybersecurity Sectors

Thumbnail of entire matrix

Legend:   = generally supported    = generally not supported     = see notes    * = click or hover to view notes

Capabilities AMULET™ Technology McAfee • Symantec • Kaspersky
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging *
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology Kaspersky • Fortinet • pfSense • Comodo • Zone Alarm • McAfee Firewall • Palo Alto • Cisco • WatchGuard
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology Forcepoint • Gigamon • AlienVault • CloudLock (Cisco) • Dome9 • Netskope • Skyhigh • CloudPassage • Bitglass • CYREN
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficency/costs can be signifcantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls *
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption *
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization *
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Tech Symantec • Forcepoint • SnoopWall • StrikeForce • MobileIron • NowSecure
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts *
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology Symantec • Avast • Bitdefender • Avira • Kaspersky • Webroot • F-Secure Client Security • Sophos
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation * *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network *
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology Digital Defense • Rapid7 • Tenable Network Security • GFI Software • FireEye • Sera-Brynn • BAE Systems • IBM • Lockheed Martin
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology Mimecast • Barracuda Networks • Proofpoint • Cisco • Microsoft • Forcepoint • Fortinet • Symantec • Sophos • McAfee
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset *
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats *
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology VeraCrypt • AxCrypt • Folder Lock • CryptoExpert • CertainSafe
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset
Can protect the digital asset during transport *
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption *
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *
Capabilities AMULET™ Technology LoRa • Zwave • ZigBee • Bluetooth • WiFi
Fail safe – when errors occur, protected digital asset is always left in the protected state
Each individual digital asset is separately and independently protected
Subparts of an individual digital asset can be separately and independently protected (i.e. age-17-and-over-content in a move, or access to a menu iten in an application)
Protection is consistent across all operating systems, storage devices, transports, and memory
Level of protection for a digital asset can be varied at will in realtime wherever the digital asset might be and whenever there is network access
Digital asset protection levels remain at all times under the control of the original creator or owner, designee, or assignee
Protection criteria are separate from the protected digital asset, and can be separately acquired from other sources
Digital asset protections need not be removed, replaced, or modified when moving from storage to transport or vice-versa
Keyless – digital access protection requires no external key
Levels of protections can be shared among many digital assets, but indepedently
Multiple protections can be combined to protect a single digital asset
Overall system efficiency/costs can be significantly reduced by deciphering only when digital asset is needed (rather than at every handoff between silos/containers/transports)
Full-fledged security available through trusted proxy servers even for underpowered devices
Different stakeholders can separately apply protection unique to their interests to the same digital asset, with all parties’ interests honored
Protection criteria can consider physical (GPS) location of the device in realtime
Protection criteria can consider current time, and varying time spans of any number or patterns, when allowing access to a digital asset
Can protect the file (digital asset) on the server, even if the server protection is breached
Can detect unwanted file(s) on the operating system and provide or deny access to the digital asset accordingly
Can audit-trail access attempts made against the digital asset
Can protect the digital asset during transport
Access to each individual digital asset can be controlled through logged-on-user rights
Access to each individual digital asset can be controlled by file-system-level read-write access rights
File differences/similarities can be identified through hashes
Natively cooperates with other types of cybersecurity
Security attributes can be grouped and accessed by user-created friendly names
Can provide or deny access to the digital asset based on the detection of unwanted process(es) on the host device
Can provide or deny access to the digital asset based on the detection of missing file(s) on the host device
Can provide or deny access to the digital asset based on the detection of a missing process(es) on the host device
Can provide or deny access to the digital asset based on the detection of unwanted hardware on the host device
Can provide or deny access to the digital asset based on the detection of missing hardware on the host device
Can perform secure financial transactions in situ within the digital asset
After the digital asset has been viewed or accessed once, no unprotected copy exists anywhere (that is, the digital asset remins secure after viewing, rendition, or access)
The digital asset remains secure (including from capture or recording) as it is being viewed or accessed
Any copies made of the digital asset are as secure as is the original
Any copies made of the protection mechanism used for protecting digital assets are as secure as the original
A protected digital asset’s embedded I/P is just as secure in any one physical location (say, the US) as it is in any other (say China) irrespective of that location’s respect for (and adherence to) Western intellectual property law
Protected mobile digital assets are equally secure no matter where or when they travel, both when traveling and once landed
Protected digital assets, as well as their protective components, can reside on any operating or storage system
Technology can be used to indentify a sender as being absolutely safe, i.e., e-mail
Both sender and receiver’s security protection can be attached to a digital asset to ensure each party’s security interests, i.e. e-mail
Can ensure the security of a financial transaction through all steps of the transaction
Can protect individual cells, rows columns, tables, views, and/or stored procedures in a database as though they were digital assets
Performs deciphering/decryption operations to a safe, hidden location where no copies can be accessed via any means by any other party
Can protect the locations, identities and metadata of, as well as access to, connection endpoints as digital assets in memory
Can protect the locations, identities and metadata of, as well as access to, code snippets (including plain-text scripts) as digital assets in memory
Can protect the digital asset based on the currently logged-on user of a host device
Each and every enciphering/encryption of a protected digital asset produces a vastly different binary output, in both size and content, even from a rendering may immediately prior for the same source on the same device
No combination of any two of the three elements used to encipher a digital asset – the source, the result, and the protection metadata or key – can be used to extract the third element
Up to two dozen families of environment detection criteria, each optional, selectable, and configurable, can be used singly or in combination with the others to create a protection level
One security technoloigy can perform the functions of dozens of other technologies, and perform each of the other functions better
Can protect individual page elements and downloads in a browser
Can fully protect blockchain ledgers and wallets
Can fully protect apps an applications, including app and application subcomponents without writing any code
Can supply a safe and secure completely independent off-O/S environment in which a digital asset can be run, viewed, rendered, or explored
All applications connected to the technology are free to the consumer – only the content provider pays a small fee (fractions of a cent) for each group of protections in a protection level applied to protect a digital asset
Maintaining full security protection does not require modification in reaction to anything a hacker does (although all security protections can be modified dynamically if desired)
In the unlikely event of a breach, the hacker can obtain only one single digital asset – no other digital assets, including copies of the digital asset breached, are accessible using the same techniques, tools, information, or point of access
Can protect massive collections of individual digital assets (dozens of terabytes) with a one-pass application of one or more protection levels even if the digital assets are not in the same physical location
Little or no human involvement (avoids human error) at system setup, requires no regular maintenance, and no runtime human interaction whatsoever is required
System can be introduced incrementally (one digital asset at a time if desired), fully cooperative with all other systems, no startup costs or fees (other than fractions-of-a-penny AMULET licensing), unlike expensive all-or-nothing systems with exorbitant startup costs
Digital asset protection costs are zero to the consumers of the digital assets, the content provider pays fractions of a penny per group of protections applied to a digital asset, applying copies of the protection groups to other digital assets is free, all software and utilities are free (other than certain AMULET-enabled versions of consumer and custom apps”), and protected financial transactions are a penny or two each.
No onerous contracts inhibiting free speech, prohibiting full accountability, or preventing the simultaneous use of competitive products.
Malware removal
File quarantine *
Threat Identification
File/Folder scanning for viruses/malware
Firewall
Privacy Controls
Block or alert the user about unauthorized inbound or outbound connection attempts
Identify and control applications on any port
File packet investigation
DDoS mitigation *
Encryption key management *
Event monitoring and logging
Data-at-Rest Encryption
Device controls
Provide wipe of device if de-provisioned or out of compliance
Application configuration
Manage user access to applications
Context-aware authentication
Vulnerability audits for the consumer (evaluation and scoring)
Threat defense recommendations
Threat detection when new devices access your network
Stops known email threats
Instant threat intelligence updates
Apply policies across the organization
Support mail validation (such as DKIM)
Supports email encryption
Restrict mobile access using URL wrapping
SPAM detection
Message tracking
Data loss prevention (DLP) – predefined dictionaries , identifiers, digital fingerprinting
Email archiving to support legal and regulatory retention requirements
Prevents “cold boot attacks” (encryption keys stored in memory) *
Can create hidden operating system *
Supports security (or cryptographic) tokens and smart cards
On-the-fly encrypted volumes *
Iterative key wrapping *
Data integrity verification – no undetected modification
Unique encryption keys used for each file and (re-)encryption *

* indicates a note (hover over the item to view the specific information)

NOTE: This chart represents a general summary of information across a lot of products, many of which are continually changing, so may not be representative of a specific product or version.