Frequently Asked Questions
Learn more about RISe and how to spot check the Runtime Integrity of your systems.
1. What is RISe?
RISe, or Runtime Integrity Score, is an advanced service designed to appraise the integrity of your Linux operating system and detect hidden malware that is missed by other threat detection solutions. This one-time appraisal helps you identify and address potential security threats before they can cause harm.
To learn more about the specific types of threats that RISe can detect, we invite you to check out our overview article on how Invary uses advanced techniques to uncover rootkits like Drovorub. This article provides valuable insights into the latest threats facing Linux systems and how RISe can help protect your environment.
To learn more about the specific types of threats that RISe can detect, we invite you to check out our overview article on how Invary uses advanced techniques to uncover rootkits like Drovorub. This article provides valuable insights into the latest threats facing Linux systems and how RISe can help protect your environment.
2. What does RISe cost?
RISe is currently free to use, allowing organizations of any size access to appraise individual systems in an ad-hoc manner.
3. How do I use RISe?
- Register for your organization specific RISe binary at https://invary.com/rise
- Place the provided invary-rise binary on the Linux system you want to score
- Give the invary-rise binary execution permission: chmod +x invary-rise
- Execute the invary-rise binary as a superuser: sudo ./invary-rise
- The invary-rise binary uploads your measurement to Invary’s platform for appraisal
- The invary-rise binary will output the URL to your Runtime Integrity Score report, which is located on Invary’s platform and private to you
4. Where can I run RISe?
RISe runs on any physical or virtual environment, including AWS, GCP, and Azure VMs.
Invary can run on resource constrained systems or IoT devices, please contact us at [email protected] for more information.
Invary can run on resource constrained systems or IoT devices, please contact us at [email protected] for more information.
5. What Linux distributions and kernel versions do you support?
RISe currently supports the following x86-64 distributions:
- AlmaLinux
- AWS Linux 2 and 2023
- CentOS 7 and 8
- Debian 9, 10, 11, and 12
- Red Hat 7, 8, and 9
- Rocky 9.x
- Ubuntu LTS releases 18.04, 20.04, 22.04, 22.10, and 23.04
RISe supports most kernels. Invary advocates you stay up to date on installing the latest kernels, and typically adds support for new kernel releases the same day. Invary is continually adding support for new distributions and kernels.
6. How long does it take RISe to measure a system?
Typically measurements take less than 10 seconds, and your appraisal is ready seconds after that. Times may vary depending on the size and load of your system.
7. What does RISe measure, and why does it require superuser access?
RISe utilizes sophisticated algorithms to generate a detailed graph that accurately represents the current state of your system, including kernel data structures and their interdependencies. It's important to note that RISe is designed as a read-only service and does not modify, collect or store any of your personal data.
8. Does RISe impact my machine’s performance?
RISe is designed for seamless operation with minimal performance impact on virtual and physical machines, across cloud-native, hybrid, and on-premises environments.
9. Why does RISe appraise measurements in the cloud?
To ensure the accuracy and reliability of its appraisals, RISe compares each measurement against a baseline stored in our inventory of pre-captured baselines. These baselines are generated from a wide range of distributions and kernel versions. By drawing on this diverse inventory, RISe can identify even subtle deviations from the norm and provide you with a more thorough and comprehensive appraisal of your system's integrity.
10. Does RISe work on Windows?
Not yet, however Invary is currently working on a version that supports Windows. For more information contact us at [email protected]
11. What is Runtime Integrity, and why do I need it?
Prevailing security solutions assume trust in operating systems, yet are unable to verify their integrity, allowing malware hidden in the OS to deceive them (Drovorub for example). Invary believes that Zero Trust should be expanded to include the OS as an entity, and removing assumptions about it are vital to a comprehensive Zero Trust Architecture.
Invary’s approach to Runtime Integrity closes this Zero Trust gap and is based on IP invented by the US DoD. Utilizing this foundation, Invary’s Runtime Integrity service validates that operating systems are behaving according to the invariants defined in their code. In essence, Invary validates that an entire system is “good”, instead of employing techniques used by prevailing XDR and EDR solutions that inspect individual aspects of a system for the presence of “bad”. By re-establishing faith in the operating system, we enable our customers to regain confidence in their security posture.
Invary’s approach to Runtime Integrity closes this Zero Trust gap and is based on IP invented by the US DoD. Utilizing this foundation, Invary’s Runtime Integrity service validates that operating systems are behaving according to the invariants defined in their code. In essence, Invary validates that an entire system is “good”, instead of employing techniques used by prevailing XDR and EDR solutions that inspect individual aspects of a system for the presence of “bad”. By re-establishing faith in the operating system, we enable our customers to regain confidence in their security posture.
12. How is Invary different from other Runtime Integrity solutions?
Invary's approach to Runtime Integrity is built on unique intellectual property developed by the US Department of Defense, which enables our technology to provide a higher level of assurance than traditional runtime integrity services that use simple techniques like hashing. Unlike these services, Invary's technology is designed to understand the complex structure and interactions of a kernel at runtime, and to validate that the system is behaving within its intended invariance as defined by its underlying code.
What's more, our approach is non-intrusive and does not require the installation of any extraneous kernel modules or customized kernels. We recognize that your systems are performing critical tasks with demanding performance requirements, so our software is designed to operate with minimal impact on your workloads.
With Invary, you can be confident that your system is functioning exactly as intended, and that it's protected from a wide range of potential threats, without compromising your system's performance or stability.
What's more, our approach is non-intrusive and does not require the installation of any extraneous kernel modules or customized kernels. We recognize that your systems are performing critical tasks with demanding performance requirements, so our software is designed to operate with minimal impact on your workloads.
With Invary, you can be confident that your system is functioning exactly as intended, and that it's protected from a wide range of potential threats, without compromising your system's performance or stability.
13. Tell me more about Invary
Invary was established through a collaboration between seasoned security researchers and operators of internet-scale software platforms. With decades of combined experience in both the operational aspects of security at scale and research in the field of secure computing, our team brings a wealth of expertise and insight to the development of our innovative security solutions.
Our unique blend of practical experience and cutting-edge research enables us to deliver highly effective solutions that address the real-world challenges faced by organizations today. By combining our extensive knowledge of the security landscape with our deep understanding of secure computing technologies, we're able to provide our customers with the confidence and peace of mind they need to protect their critical assets in a constantly evolving threat environment.
For additional questions please contact us at [email protected]
Our unique blend of practical experience and cutting-edge research enables us to deliver highly effective solutions that address the real-world challenges faced by organizations today. By combining our extensive knowledge of the security landscape with our deep understanding of secure computing technologies, we're able to provide our customers with the confidence and peace of mind they need to protect their critical assets in a constantly evolving threat environment.
For additional questions please contact us at [email protected]