Advanced Protection Against Supply Chain Threats

untrusted libraries in the context of your code.

Iceberg

Pioneered at MIT, automated and developer-friendly technologies for securing untrusted open-source libraries.

  • Demonstrated Best-in-Class Protection
  • Protection Against Zero-Days
  • Provable Security Guarantees

Technologies and Services

Automated and Seamless Protection of JavaScript Libraries

We enable developers to understand how untrusted libraries could interact with sensitive data and resources. We can then automatically protect those resources.

Library Analysis

Source and run-time program analysis for understanding how libraries interact with your app's sensitive resources. Library visibility without any developer effort.

Library Protection

Automatically apply runtime protections to libraries to limit how they can interact with sensitive resources. Prevent attacks without impacting compatibility.

Library Replacement

Replace an insecure library with a compatible and more secure library, chosen by our automated analysis. Reduce your attack surface without affecting functionality.

Library Synthesis

Automatically generate a synthesized, secure, and compatible replacement library, employing our state-of-the-art technology. Gain security guarantees of the synthesized library.

10+ Years and $15M in DARPA-funded Research Demonstrates Best-in-Class Protections

+99%

of real-world attacks mitigated across multiple threat models

143.5×

average reduction in attack surface

+99.3%

compatibility with existing libraries over developer-provided libraries

Our Developer-Friendly Workflow for Securing Untrusted Libraries

  • Code Analysis
  • R:Score Security Metric
  • Library Replacement
  • Library Synthesis
  • Runtime Protection
Our source code analysis does not require any changes to your application code, and it does not require running your application on test cases. The analysis reasons about execution paths in your code that might not be exercised by your tests, so we find more potential vulnerabilities in libraries.
Our library code analysis produces an intuitive metric of the relative security of a library called R:Score. The higher the R:Score, the more secure the library, meaning the less potential it has to access your sensitive resources and information. The R:Score enables you to understand the added security of our run-time protection and compare replacement and synthesized libraries to the original.
After your application is analyzed, we suggest a suite of automated protections that can be applied at the push of the Harden button. Our research papers demonstrate that our protections:
  • Thwart more attacks than our competitors
  • Block all attacks for common vulnerability classes
Be assured that your libraries are restricted and protected by the best technology available.
We know the importance of maintaining the correctness of your application. Our run-time protections are formulated to guarantee that intended application functionality is not affected; only attacks will be blocked. Furthermore, our library synthesis is guaranteed not to have side effects, malicious actions, or vulnerabilities beyond the intended functionality.

Founding Team

MIT Researchers with a Mission to Protect Software

Combined, our team has multi-decade, world-class expertise in program analysis, transformation, and synthesis for cyber-security: over 4K papers, 25K citations, dozens of years as DARPA Principal Investigators, and a dozen patents.

Jason Wilbur

Chief Executive Officer

Jason brings +20 years of commercial and government sector experience. Most recently, Jason was Head of Strategic Products at Oracle Cloud, responsible for private cloud services and technology partnerships. Previously, he held product management, business development and R&D leadership roles at Amazon.com, Amazon Web Services, Coupang and the U.S. Air Force. He has served on multiple projects across the DoD and intelligence community.

Michael Gordon, PhD

Chief Technology Officer

Michael is an expert in program analysis and defensive cyber-security, with over 2,000 citations for his research. He has +10 years of experience as Principal Investigator (PI) for $22M in DARPA projects, delivering multiple tech transitions. His company, Aarno Labs, is self-funded and profitable with over $3M rev/yr. Michael received his MS and PhD from MIT in CS, and also founded the MIT Global Startup Labs.

Jeff Perkins

Head of Engineering

Jeff is an expert in offensive and defensive cyber-security with over 3,000 citations for his research. He has been a Research Scientist at MIT CSAIL for the past 18 years, with 15 years' experience as a Principal Investigator for $23M in DARPA grants. Before MIT, Jeff was the Director of System Engineering at LTX, managing large development teams for products with +$500M in sales.

Prof. Martin Rinard

Technical Advisor

Martin is an MIT Professor and a member of the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT. Over his tenure, he has pioneered new directions in program analysis and formal methods, including approximate computing, code transfer, failure-oblivious computing, and credible compilation. His work has over 20,000 citations and 5 patents, and he has served as an advisor to multiple startups.

Careers

Join our passionate, agile, and well-funded team!

We have spent years developing and demonstrating our underlying technologies. Join as an early employee as we focus on commercialization. We have beautiful offices in downtown Boston, MA, but are open to fully remote applicants.

  • Principal Software Engineer, SaaS
    Engineering