Invary Runtime Integrity Solution is a kernel-level security tool that continuously verifies the integrity of operating systems and hardware at runtime. It is built on IP licensed from the NSA's Laboratory for Advanced Cybersecurity Research. The solution detects advanced and unknown kernel-impacting threats including APTs, rootkits, kernel vulnerabilities, vulnerable drivers (BYOVD attacks), and eBPF-based malware. Unlike traditional endpoint detection tools, it operates at the kernel level and uses state-based detection rather than relying solely on signature-based or boot-time checks. Core methodology: - Analyzes in-memory data structures and objects to establish a behavioral baseline - Continuously measures the system at runtime and appraises it against that baseline to detect deviations The product supports a range of deployment environments including embedded, physical, virtual, and air-gapped systems. It is deployed across government, defense/intelligence (DoD and IC), critical infrastructure, and commercial sectors. Use cases include: - HPC and AI workloads: runtime attestation of the kernel, TEE, and eBPF in Kubernetes clusters - Cloud infrastructure: continuous runtime attestation for cloud environments - Confidential computing: verification of Trusted Execution Environments (TEEs) such as AMD SEV-SNP - Zero Trust architecture: removing assumptions about hardware and OS integrity - Kernel security: OS protection with hardware and software attestation