QGroup GmbH

General Dynamics PitBull®

What sets the originally developed for the US military operating system PitBull® apart from everything known so far is that it does not have an all-powerful administrator role. Malware attempting to gain privileges through privilege escalation for further network spread fails at this point.

 pitbull_front_col_free4.png

Furthermore, the 145 individual rights that replace the all-powerful administrator role enable fine-grained rights assignment and very individual sharing areas. This allows administrators to focus on their core task of administration instead of dealing with liability and culpability issues. For example, a backup manager only needs to secure files but does not need to read them. With such rights assignment, he cannot be held responsible for data leakage.

The security concept of PitBull® is perfected by individually adjustable security contexts, the so-called compartments. These enable effective sandboxing and stop attackers at the entry point. They cannot spread further.

Highlights

  • Effective protection against ransomware and unknown threats (e.g., Zero-Day exploits)
  • Significant reduction of attack vectors through fine-grained rights assignment
  • Certified with NSA PL4, Common Criteria EAL4+ in addition to all Red Hat certifications
  • Enables tamper-proof log files that are also immutable for admins
  • Damage reduction through sandboxing and security contexts
  • https://gdmissionsystems.com/products/multilevel-security/pitbull-trusted-operating-system
https://gdmissionsystems.com/products/multilevel-security/pitbull-trusted-operating-system
 Illu Ship PitBull EN.svg

PitBull® Foundation

PitBull® complements infrastructures with a fundamental security layer
to ensure integrity in all work areas.

  • Installed as an operating system upgrade
  • Isolates applications, network interfaces, data, and users through an automatically checking security configuration - avoiding a complex rule set
  • Prevents system damage by exploiting bugs in any type of software
  • Controls network resources that can be used by all programs
  • Controls and limits user and admin accounts by using "Least-Privileges"; eliminates vulnerability through superuser rights
  • Enables the development of highly secure yet flexible security architectures
  • Exceeds LSPP (EAL4+) Common Criteria requirements
  • Offers Bell-LaPadula-based MAC (Mandatory Access Control)
  • Uses Sensitive Labels at the kernel level
  • Supports roles and authorization
  • Uses Polyinstantiated MLS network ports and labeled packets
  • Enforces, when needed, "Two-Person/Four-Eye" authentication at login
  • Integrity check of system and databases
  • Security mechanisms to protect critical Trusted Computing base files and services
  • Supports "Labeled Printing" using MAC control
  • Complements and protects entries to ensure auditability and tamper-proofing

PitBull® Foundation Suite

Leveraging the features of PitBull® Foundation, PitBull® Foundation Suite enables the easy conversion of commercial and custom software into a sophisticated Trusted Network Architecture, which also fully protects tools, utilities, and scripts.

  • Enables users secure access to backend systems via the internet.
  • The modular concept allows tailoring the software to specific customer requirements.