Let's Craft Some Real Attacks

"Do you really get memory based exploits?" was the title of a recent webinar on 1/9 by Morgan on the analyze.polyverse.io tool.

Vimeo video 250339659: Morgan Hein | January 9, 2018

During the webinar I asked the question:

binary-entropy-visualizer

Is the tool tracing the ACL, because the hack fix requires that the delegation chain be POLAized? Afterward, Morgan introduced Archis, the CTO, and Chris, the VP of engineering. Their response:

We do not help find the delegation chains. One of the key differences between traditional security tools and us is that we fundamentally operate in the “non-detectable” area of attacks. Therefore, auditing, detection, analytics, and scanning are not our forte. Our forte is when an attack has bypassed all of that: we step in to thwart it. That seems like a job for a good policy audit tool, or a machine/host audit tool which can analyze running processes, what privileges they have, and who authorized them. We do have another goal-seeking container-based product which launches processes through containers to run under strictly least-privilege mode. Using that, we launch containers in a “known good state” proactively and rapidly, rather than detecting whether they have deviated. That, to some extent, ensures that all processes are close to what you want them to be. Here too, we do not do detection, because we assume detection has already failed, and thus we’re going to take proactive remedial action. That way, even if the detection system was hacked or confused, the remediation happens regardless. Hope this provides a bit more insight into why we don’t operate in that space.

My feedback:

Very good approach. I can execute the remedial action without tracing the delegation chains, which is not actually needed with Polyverse.io.

Polyverse is a small emerging company with top engineers, headed up by Alexander Gounares, in an earlier life CIO of AOL and a CTO at Microsoft. Polyverse has also made tools to help developers grok concurrency in NPM libraries.