Stop External Attacks

QWERX secures your network better, by eliminating the need for digital keys and certificates that are easy to steal.

84%

of organizations experienced an identity-related breach last year

1600%

increase in cyberattacks leveraging machine identity weaknesses from 2015-2019

4.35M

average cost for a company to address a single data breach

Why do bad breaches happen to good companies?

Most corporations and government today use Public Key Infrastructure (PKI) to secure endpoints through asymmetric encryption. PKI relies on digital certificates, keys and algorithms to authenticate a user or device to a network.

Static digital credentials are vulnerable, like your Social Security card. Once issued, the information remains the same and if (when) the information falls into the wrong hands it can no longer be trusted. And unfortunately for everyone operating on a PKI framework, bad actors have figured out how to exploit the vulnerabilities of this legacy system.

Every day organizations are attacked by high-performance, automated machines that have long outpaced the protective measures we’ve built around outdated security infrastructure. Cyberattacks have become such a common occurrence that there are entire news outlets and publications dedicated to covering the many ways that cyber protections have failed.

“The somber truth is that hackers don’t hack in anymore — they log in using weak, default, stolen, or otherwise compromised credentials.” – IDS Alliance

QWERX has solved the root cause of 80% of data breaches: weak or compromised credentials

After the U.S. Office of Personnel Management suffered a devastating data breach in 2015, QWERX founders dug into the root cause and realized that many advanced attackers were leveraging the weaknesses of legacy security infrastructure to steal credentials. Drawing on their expertise in information science, fraud detection and identity management, they developed a next-generation solution to stop credentials-based attacks on devices and networks: QWERX Enterprise Secure Perimeter (QESP)

QESP is not just a patch for PKI; it's a radical overhaul of secure network authentication for the future

QESP is built on a patented and tested authentication protocol which eliminates the use of digital certificates and private keys completely. Instead, frequently rotating symmetric keys — which are not stored or exchanged — enable devices to “handshake” multiple times a second. This requirement for continuous verification assumes that every device is an adversary until proven otherwise. Devices that are not enrolled to the network can never gain access, even for a moment. A massive threat surface is immediately reduced because there are no credentials to steal or copy.
  • Secure: symmetric key cryptography secures networks better than PKI without the inherent vulnerabilities
  • Nothing to steal: ephemeral keys are dynamically generated and disappear instantaneously, eliminating certificates
  • Lightweight: small footprint with low processing requirement can secure IoT devices and devices without users
  • Quantum-proof: harnesses pure, random chaotic data from nature that can never be predicted by technology

QWERX has invented a better way to authenticate devices to a network

Here’s how it works. A common information source containing random, chaotic data is loaded into all networked devices. The QESP console initiates a “handshake” by sending instructions for building the initial key to all devices. Devices dynamically generate ephemeral keys to verify (or reject) a match, then the keys disappear and are never used again. All devices across the network engage in continuous, orchestrated authentication. No keys are ever exchanged or stored – only instructions are exchanged in the clear to generate keys on each end.

The software is cloud-native and seamlessly integrates into all existing networks and operating systems. Once networked devices and cloud instances are securely enrolled, all unauthorized authentication attempts are rejected and flagged. Real-time attack warnings are pushed to admins including metadata and telemetry. QESP is built to scale to millions of endpoints and appliances within any Enterprise and has been analyzed by a U.S. Government Lab to be Quantum-Proof.