Titanium Technology Protection Kevlar Embedded Security Services
White Papers Blog Newsroom Partners Release Notes Webinars
About Star Lab Careers Privacy Policy Contact Us Events
EMBEDDED SECURITY | TECHNOLOGY PROTECTION | EMBEDDED SECURITY

Resource Center

Explore how Star Lab is protecting critical systems, devices, and infrastructure by delivering software security solutions and expertise.

image_2021-01-25_140225.png
 

Success Stories

drone.jpg

ACHIEVING AIRBORNE RADAR PROCESSING SYSTEM SUPERIORITY

By incorporating Crucible into its airborne radar processing system, one major defense contractor leapfrogged the competition in only a year to provide a system far superior to those of traditional industry leaders.

Read Their Story
pilot.jpg

DELIVERING GROUND SYSTEMS TRAINER UNDER TIGHT TURNAROUND

When one defense contractor’s in-house security solution failed, leaving it with little margin to meet a looming deadline, Star Lab moved quickly to deliver a timely solution that met all technical requirements.

Read Their Story
 
 

Product Data Sheets

Featured
Titanium Technology Protection
Titanium Technology Protection

Star Lab’s Titanium Technology Protection offers the most robust Linux system hardening and security capabilities available on the market today for operationally-deployed Linux systems.
Designed using a threat model that assumes an attacker will gain administrative (root) access to the system, Titanium Technology Protection maintains the integrity and confidentiality of critical applications, data, and configurations while assuring operations. Titanium Linux is compatible with RedHat and other binary-compatible distributions.

Titanium Secure Boot
Titanium Secure Boot

Star Lab’s Titanium Secure Boot provides the strongest level of boot-time authentication/trust on Intel chipsets, all the while being more flexible in terms of target Linux distributions and BIOS variants.

Kevlar Embedded Security
Kevlar Embedded Security

Designed using a threat model that assumes an attacker will gain administrative access to the system, Star Lab’s Kevlar Embedded Security maintains the integrity and confidentiality of critical applications, data, and configurations at rest, through system boot, at runtime, and during updates in the field.

 
 
image.jpg
 

 White papers

release notes

Kevlar Embedded Security

11/1/22

  • Version 1.2 Released 

    • ARM64 Support GA allowlisting, static analysis for system calls and system services for system calls are now supported on ARM64. 

    • Audit logging GA preset configurations to send system and security-related logs securely over TLS to a remote server. Supports rsyslogd and syslog-ng. 

    • Simple restrictive firewall – A simple firewall that can be configured at build time. In the default configuration, nothing is allowed inbound, and only a few encrypted protocols are allowed outbound. 

    • Generic system call filtering Apply system call filtering to arbitrary binaries. 

    • Allowlisting – ARM64 support. 

    • Misc improvements – Various bug fixes and usability improvements. 

7/8/22

  • Version 1.1

    • Limited ARM64 Support GA (see table below) — allowlisting, system services and static analysis for system call filtering are not yet available.

    • Audit logging EAR — new preset configurations of rsyslogd to send system and security-related logs securely over TLS to a remote server.

    • File System Integrity — dm-verity provides full-disk protection with minimal extra storage and minimal overhead. The system will only boot if the disk's cryptographic hash matches, and the disk may not be modified at runtime.

    • Systemd System Call Filtering — Restricts systemd services to a predefined list of system calls. System call lists may be generated manually, automatically with static analysis, or automatically with dynamic analysis.

    • Allowlisting — general fixes.

4/1/22

  • Version 1.0 Released