SAN FRANCISCO--(BUSINESS WIRE)--Digital security vendor TrustPipe™ emerged from stealth mode today to release TrustXP™, a lightweight downloadable application that provides a significant breakthrough in security for Windows XP, helping make it virtually hack-proof. The company also announced a reseller agreement with NCR’s Telecom and Technology business, a global leader in consumer transaction technologies, through which NCR will globally distribute and manage implementations of TrustXP.

“When Microsoft ended support for Windows XP in April of this year, the entire Internet community was placed at risk because of the widespread use of Windows XP by individuals as well as in critical infrastructure,” said Ridgely Evers, TrustPipe co-founder and CEO. “So we decided to step in with a solution that keeps those 300 million computers safe, and to do so at the lowest possible cost.”

About TrustXP

TrustXP is a breakthrough security technology, based on the TrustPipe platform that relies on marker detection, a newly patented process. TrustXP is a self-learning, self-updating application that sits on devices running Windows XP. TrustXP watches everything coming into and leaving the computer, looking for the telltale signs of attacks, exploits and reconnaissance – and stops them before they can do any harm. TrustXP shares its learnings and any actions taken with the TrustCloud™, which updates all TrustXP-protected devices around the world in just minutes, keeping all users up-to-date and safe – automatically.

TrustXP is available today. The enterprise version, TrustPipe for Business, is available from the company’s global partner, NCR, by visiting www.ncrtrustpipe.com. The consumer version is available from the TrustPipe website.

In addition to real-world testing, the company has subjected TrustPipe’s patented, marker-based technology to extensive lab testing. In a press release today, West Coast Labs, one of the world’s top security research firms, confirmed that “through three rounds of deep evaluation over a two-year period, we have been unable to hack into any device protected by it, nor have we encountered any false positives or false negatives.”

Equally important, TrustPipe technology has successfully protected against every “zero day” event, including high-visibility ones like Heartbleed and Shellshock. This ability is especially important for unsupported environments such as Windows XP.

“A high percentage of financial, retail, government, and critical infrastructure systems all over the world are running Windows XP, which puts them at risk,” noted Michael Locatis, former Assistant Secretary for Cybersecurity and Communications in the US Department of Homeland Security and CIO of the US Department of Energy, who serves as chair of TrustPipe’s advisory board. “TrustXP helps mitigate that risk, extending the life of an otherwise-excellent operating system.”

How TrustPipe’s Marker-Based Security Technology Works

Signature-based systems have long been the preferred way to detect threats, because they are precise and therefore actionable — when they detect Signature A, they can confidently take action to block it. However, they are brittle: if the threat changes slightly they fail because there’s no longer an exact match. As a consequence, signature-based systems require constant updates, creating larger and larger sets of signatures that require growing compute resources — and they are always playing catch-up.

Heuristic models, on the other hand, are less brittle because they deal in probabilities. But that also makes them much less precise, which makes them riskier in terms of taking action when they detect something.

TrustPipe discovered that there are distinctive markers — similar to markers in DNA — that perfectly identify entire classes of threats. TrustPipe’s patented, marker-based approach is every bit as precise as the signature model, but its capabilities go far beyond. It detects and blocks all variants — past and future — of every threat class, without modification. For example, TrustPipe-protected systems were not vulnerable to the widely publicized Heartbleed and Shellshock threats, because while those threats were new to signature-based systems, to TrustPipe they were simply members of an existing class. No “urgent update” was required. In the rare case of a truly new threat class, which occurs once or twice a year, TrustPipe automatically discovers the new threat, protects the compromised computer in real time, and then shares its discovery with every other TrustPipe in the world, inoculating the entire TrustPipe ecosystem in minutes.

Additionally, the set of markers required to detect all classes of threat is remarkably compact. The entire TrustPipe dataset, spanning virtually every class of threat, is just 1.5 MB, in sharp contrast to, for example, the nearly 400 MB update for one well-known antivirus program. The compact size of TrustPipe translates directly into improved system performance and superior user experience.

While TrustPipe has performed perfectly so far, the design anticipates that there are likely to be issues in the future. If and when that happens, the essential simplicity and dynamic nature of the TrustPipe technology will enable it to update all TrustPipe-protected machines and contain the threat, quickly and effectively.

About TrustPipe

TrustPipe was founded in 2011 by a small group of Silicon Valley veterans with deep knowledge of network security, armed with a profound breakthrough in security technology. TrustPipe is funded by its founders and a small group of Silicon Valley and San Francisco investors with backgrounds spanning cybersecurity and large-scale networked systems. More information about TrustPipe and its security solutions can be found at www.trustpipe.com.