Tool Overview:
OnSystem Logic

About OnSystem Logic

OnSystem Logic is a cybersecurity software company based in the Baltimore/Washington DC metropolitan area. Founded by cybersecurity veteran TJ Tajalli, the company received funding through a National Science Foundation Small Business Innovation Research grant to develop their flagship product, OnSystem Defender. The company focuses on addressing application security vulnerabilities that traditional endpoint security products struggle to detect and prevent.

What does OnSystem Logic do?

OnSystem Defender operates as an application hardening and security assurance product that functions by loading a protection engine inside every application on a Windows endpoint. The software employs a patent-pending Application Reference Monitor technology that learns legitimate code paths applications use to access resources and enforces these paths at runtime. This approach allows the software to monitor and control application behavior based on previously established patterns of 'good' actions across known implementations.

The technology focuses specifically on preventing malware from executing within applications where traditional security tools are often bypassed or disabled. By operating from within applications rather than externally, OnSystem Defender can detect and respond to malicious code that attempts to exploit memory vulnerabilities or inject dynamic code. The software runs continuously on Windows endpoints with minimal performance impact according to the company.

What makes OnSystem Logic different?

The key technical differentiator of OnSystem Logic's approach is its focus on operating within applications rather than attempting to enforce security measures from outside. The software has created behavioral blueprints for Windows applications by learning their legitimate runtime code paths through both crowd-sourced data from customer environments and quality assurance testing. This allows the system to establish and enforce expected application behaviors without requiring access to source code or rewriting of existing applications.

Unlike traditional application control and whitelisting solutions that often face deployment challenges, OnSystem Defender employs pre-configured policies designed for straightforward implementation. The software uses a multi-layered filtering system that progresses from coarse to fine-grained controls to regulate application execution and memory access. This approach aims to address common issues with traditional whitelisting solutions that can become too restrictive or difficult to maintain over time.

Use cases and industries

OnSystem Logic markets its solution to organizations seeking protection against various cyber threats, including ransomware, supply chain attacks, and zero-day exploits. The software has found adoption in higher education institutions, such as the University of Maryland Baltimore County, which deployed it to protect high-risk desktops handling financial and student data. The company also targets credit unions, financial institutions, and organizations running operational technology vulnerable to cyberattacks.

The solution can be deployed alongside existing security products and is available through managed service providers (MSPs) and managed security service providers (MSSPs). OnSystem Logic maintains a Product Evaluation Program that allows potential customers to assess the software's capabilities within their environments. The company emphasizes the product's ability to protect against both known and previously unseen threats while maintaining system performance and operational efficiency.