You are here

Science and Technology News Release: DHS S&T Announces Commercialization of REnigma Malware Reverse-Engineering Tool

News Release: DHS S&T Announces Commercialization of REnigma Malware Reverse-Engineering Tool

Release Date: 
August 2, 2017

For Immediate Release
DHS S&T Press Office, John Verrico, (202) 254-2385

WASHINGTON—The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) today announced a groundbreaking malware analysis tool that is part of its Transition to Practice (TTP) program has transitioned as a new startup technology company.

The technology, REnigma, was spun off from the Johns Hopkins University Applied Physics Laboratory to create startup Deterministic Security, LLC. The Oregon-based company was founded to further mature the technology into a commercially available product and work with early adopters, focusing on incident response for government organizations and large enterprises.

The analysis of malware used in a cyberattack is a highly manual, time-consuming, low-throughput and costly process, requiring days to weeks to determine the answers needed to understand and recover from an attack. REnigma helps analysts regain the upper hand against advanced malware by transparently and precisely recording the execution of malware. Using the tool, analysts can “go back in time” by replaying and reviewing the malware code in detail exactly as it was originally executed. It also solves a key problem in malware reverse engineering: repeatable analysis.

“This latest commercialization is a strong testament to the growing effectiveness of the S&T TTP program. It is the third transition in four months, a level of success that illustrates TTP is having a significant impact on helping federally funded cybersecurity technologies transition from the lab to the marketplace,” said DHS Acting Under Secretary for Science and Technology William N. Bryan.

REnigma was selected for inclusion in TTP’s 2016 cohort for further development and validation to accelerate its commercial transition. The TTP program, which is administered by S&T’s Cyber Security Division (CSD), part of the Homeland Security Advanced Research Projects Agency, complements the S&T process of funding projects through the full research-and-development (R&D) lifecycle and into the commercial marketplace. Each fiscal year, the TTP program identifies the most promising cybersecurity technologies developed at federal laboratories, federally funded research and development centers and university affiliated research centers for selection into the transition-to-market program.

TTP technologies go through a structured transition process designed to increase maturity and market readiness and are introduced to investors, developers and integrators who can advance the technologies and turn them into commercially viable products. To facilitate these connections, TTP hosts “Demo Day” events around the country to showcase the technologies to cybersecurity professionals, spur pilots and start the technologies on the road to commercialization.

“REnigma is an excellent example of how effective TTP is in identifying technologies developed with federal funding that can be applied to critical cybersecurity problems and developed into solutions that will help secure our nation’s public and private networks,” said TTP Program Manager Nadia Carlsten. “We’re helping create new cyber-startups that have a real chance at getting technologies in the hands of the users who need them.”

TTP currently has 40 technologies in its portfolio. With the REnigma commercialization, the program to date has successfully transitioned 10 technologies through commercialization and five through open source.

For more information about the TTP program and its technologies, visit the program’s webpage, view its video, review its technology guide, or send an email to ST.TTP@hq.dhs.gov.

CSD’s mission is to enhance the security and resilience of the nation’s critical information infrastructure and the internet by developing and delivering new technologies, tools, and techniques to defend against cyberattacks. CSD conducts and supports technology transitions and leads and coordinates R&D among DHS customers, government agencies, the private sector and international partners. For more information about CSD, visit https://www.dhs.gov/cyber-research.

###

Topics: 
Back to Top