V.i. Labs Announces New Software Protection Solution for Microsoft .NET Applications

Business Wire, March 20, 2007

Application providers and enterprise users now have industry first approach to better protecting .NET applications from threats of piracy, tampering, and code theft

WALTHAM, Mass. -- V.i. Laboratories, Inc. ("V.i. Labs"), a provider of software protection solutions for securing high-value and mission-critical applications, today announced the availability of CodeArmor[TM] for .NET Framework, a new version of its flagship offering that protects Microsoft .NET Framework applications from the threats of reverse engineering. Available immediately, CodeArmor for .NET Framework is one of the first software protection approaches to combine encryption and active run-time security monitoring to help protect intellectual property resident within .NET Framework applications from the increasing threats of piracy, tampering and code theft.

Application providers and enterprise users are migrating and developing new applications using the Microsoft .NET Framework because the platform allows developers to use multiple languages, integrate Web services, and simplify development across multiple platforms.

However, without proper coding and security practices, once .NET Framework applications are deployed, hackers, competitors, and piracy cracking teams can gain access to the source code and the embedded IP within the application. Unlike natively compiled Windows applications which are compiled into low-level machine code, applications utilizing the .NET Framework are only partially compiled and contain highly detailed metadata, making it possible to reverse engineer and/or be decompiled into higher level source code. This increases the risks of malicious tampering and competitive IP theft and software piracy, especially for software vendors marketing applications into emerging markets.

"We're pleased to see an industry partner supporting the .NET Framework and advancing the framework's security," said Thom Robbins, director of .NET Platform Product Management at Microsoft Corp. "With CodeArmor, the .NET Framework provides developers with increased protection while they are developing applications."

"Organizations who develop software applications consider their source code proprietary and a confidential asset," said Vic DeMarines, vice president of Products for V.i. Labs. "With the Microsoft .NET Framework, the product high-level code can be accessible by using publicly-available tools to decompile deployed applications. Because CodeArmor provides comprehensive protection for and fully supports the features of the Microsoft .NET Framework, application developers can now focus on developing applications completely in managed .NET code."

Current security measures offer passive protection approaches such as obfuscation, simple encryption wrappers, or hybrid .NET Framework configurations where sensitive algorithms remain in unmanaged code. These approaches impact the software development lifecycle, increase the complexity of deploying and supporting .NET Framework applications, or provide little defense against a skilled reverse engineering attack.

CodeArmor is the first off-the-shelf solution to combine active and comprehensive run-time security with a simple protection process that applies security to the post-compiled applications requiring no source code or design changes. Once protected, CodeArmor's active run-time security is embedded within the software application and activates itself once the application is launched. CodeArmor for .NET Framework authenticates and verifies the integrity of the environment prior decrypting .NET Framework assemblies and sensitive functions. This protection process is transparent from the end user and persistent wherever the protected application is deployed. In addition, unlike other .NET Framework security approaches, CodeArmor can protect mix-mode applications which contain managed and unmanaged code.

Other key capabilities contained in CodeArmor for .NET Framework include:

* Ensures safe execution by continually verifying and authenticating the Microsoft .NET Framework prior to allowing the protected application to run

* Compatibility with Microsoft .NET 1.1, 2.0 and 3.0 Frameworks and compatibility with key .NET capabilities (i.e., Reflection, Global Assembly Cache, Serialization, Strong Name Support)

* Support for Windows Vista 32-bit

* Support for stand-alone DLL protection and Active X controls

* New CodeArmor administrator capability to filter and search for sensitive functions based on key terms

"This release will allow us to extend deployment of CodeArmor to our other products that are being developed using Microsoft .NET Framework," said a director of engineering for an embedded system application provider which wishes to remain anonymous for security reasons. "We originally deployed CodeArmor to protect our traditional Windows applications from the threat of reverse engineering from competitors. This risk only increases with our use of the Microsoft .NET Framework."

Availability and Pricing

CodeArmor for Microsoft .NET Framework is available immediately. Pricing starts at $18,500 for enterprise applications and subscription based pricing for Application providers and Independent Software Vendors.