Our Technology

Blockchain/Distributed Ledger Technology

Blockchain refers to a technology where a massive network of computers collectively combine to accumulate and assemble information with all collective computers completely keeping copies of all transactions. Blockchain collects and combines information in a united and universal matter in a method called a distributed ledger or distributed ledger technology (DLT). DLT provides for all systems to record all transactions, irrefutably verifying the veracity of all transactions. Traditional ledgers provide for a central authority to confirm transactions, but DLTs use a collective and collaborative approach deeming the use of unsaid central authorities unnecessary.

The Why: Blockchain is usually referenced in connection with Bitcoin, which relies on DLT to secure transactions. OpenAVN harnesses DLT to connect digital threat detectors around the world. Using DLT, OpenAVN can confirm and verify malware threats in a fast and secure way.


Using the internet as a medium for solicitation and communication, crowdsourcing is the process or practice of soliciting work, information or input from a large number of individuals to accomplish a task, project or assessment/evaluation. Crowdsourcing can be useful for larger projects by breaking it down into smaller component parts and allowing the crowd to address those components separately. Crowdsourcing allows organizations to expand their internal expertise expeditiously and inexpensively by supplementing it with the skills, information and experience obtained worldwide.

The Why: This is the “open” in OpenAVN. With a global network of threat detectors, OpenAVN receives malware threat data from around the world. This threat intel is indeed crowdsourced - instead of drawing from an already-existing data lake of malware intel alone, OpenAVN draws on a vibrant and ever-growing global network, which allows for faster response times and more up-to-the-minute intelligence and protection.


Firewalls are devices, or really architectures, that protect information assets at a network perimeter. Firewalls provide a variety of technologies including:

  1. Packet filtering – permits or restricts incoming packets (information) based on the (a) information submitted and (b) the destination sent. For example, firewalls will allow only web traffic to be sent to the web server.
  2. Stateful packet inspection (SPI) – permits inbound traffic based on whether it has responded to an outbound request. In other words, an inbound web response from a website will only be allowed if the firewall links it to an outbound web request.
  3. Proxy serving – in this technology, the firewall acts on behalf of or “proxies” for a client. The client initiates a session with an outside server (e.g. a web server) but the proxy intercepts the request and separately presents the request to that server. If a server contained malicious or attack programs (malware), then that malware would actually attack the firewall appliance itself rather than the client. Given that the firewall is a hardened, i.e., a protected and strictly secured device, the attack would prove ineffective and the client (e.g. web browser) would be unscathed.

Firewalls also refer to types of architectures where hosts (i.e. servers providing services over the internet, a.k.a. bastion hosts) reside in a protected network called a demilitarized zone (DMZ). The assumption is that any host directly reachable from the internet will inevitably be compromised. As such, potentially compromised hosts (isolated in the DMZ network) can only initiate limited communication with systems in the internal (trusted) network, and therefore attacks from the DMZ have a lower likelihood of success.

Some firewalls may also provide other capabilities, which may or may not fall under the strict definition of “firewall.”

The Why: Our lightweight browser extension, Torus, acts similar to a firewall to protect your system from internet threats. Active whenever you browse the internet, Torus will block malicious or suspicious files from being downloaded onto your computer, whether it’s from an email, an ad, or a faulty link.

Mach Speed Processing

This is a term coined by our Product Head to illustrate the lightweight and lightning-fast optimizations of OpenAVN’s products. BrightScan can scan up to 35,000 files per second, using less than 32 MB of RAM (most computers have over 8 GB of RAM). By utilizing Advanced Vector Extensions (AVX), BrightScan can handle different decision-making processes more efficiently, so it completes tasks faster.

The Why: BrightScan takes into consideration the load on your computer at any given time.

By optimizing the processing speed of its scans, BrightScan assesses how much RAM your system has been consuming, and alters its behavior accordingly, giving you enough space to continue your own tasks without slowing you down. With BrightScan’s Mach Speed Processing, you’ll have enough room to work or play without sacrificing your cybersecurity. System scans may run a bit slower when you have other programs running, because we want you to be able to work on your Photoshop project whileyou’re scanning - no Sophie’s Choices here!


With ransomware, attackers make a target or victim’s computer unusable to extort money from system owners or users wishing to regain access to valued information. Attackers presume that it would be cheaper to pay the ransom than it would be to lose vital information. With ransomware, attackers encrypt data on the target system to make that information irretrievable. The attacker attempts to extort money from the victim in exchange for access to apparently lost information. Ransomware encryption renders systems’ data irretrievable using advanced encryption requiring a key held only by the attacker. Attackers can launch ransomware through a variety of threat vectors including social engineering (tricking individuals into doing something to compromise their systems or information), viruses, worms, Trojan horses or any other form of malware.

The Why: We believe that the first step of defense is knowing your enemy. Ransomware is one of the most prevalent and harmful forms of malware on the internet today. OpenAVN’s products protect users from ransomware using Distributed Ledger Technology and AI.


A sandbox or "sandboxing" refers to the technology where an unknown program is isolated in a controlled environment to determine its functionality while minimizing the risk that the program might cause harm to information or system resources. Using virtual machine technology, sandboxes isolate unknown programs to determine attack threat vectors. Sandboxes can exist with an individual operating system to allow endpoint protection programs to determine their functionality and risk.

The Why: BrightScan, OpenAVN’s powerful malware scanning tool, uses sandboxing to separate suspicious files from the rest of a computer system. On the BrightScan dashboard, you will see a tab labeled “Quarantine.” This is your sandbox. Like regular quarantining, BrightScan’s quarantine cuts off any suspicious files before they have a chance to infect your computer. And once those files are in Quarantine, you the user have the option to block or allow the file, based on your preferences.

Threat Intelligence

Gartner defines threat intelligence as, “Evidence-based knowledge, including context, mechanisms, indicators, implications and action-oriented advice about an existing or emerging menace or hazard to assets. This intelligence can be used to inform decisions regarding the subject’s response to that menace or hazard.” Using artificial intelligence / machine learning, threat intelligence allows organizations to understand existing and new attacks and to sift out real attacks from innocuous events.

Zero-Day Attack

A zero-day attack is a brand-new attack for which no metric or defining quality has been identified. Because such attacks have no distinguishing qualities, it is extraordinarily difficult to provide measures to prevent, detect or correct them. Effective measures to mitigate such attacks require behavior-based analysis where the attack is identified by understanding “normal” system behaviors and thus abnormal system behavior may indicate a malicious attack. The trick is using an effective methodology to identify abnormal behaviors as attack vectors.

The Why: OpenAVN’s products are your first line of defense against Zero-Days Attacks. While new attacks are always cropping up, OpenAVN’s global threat detection network allows BrightScan and Torus to identify these new, previously unknown attacks faster than any other cybersecurity software. This is why we like to refer to OpenAVN as not just cybersecurity, but cyber visibility. OpenAVN gives you a panoramic view of the malware landscape, so you can get the full picture: not just previously known threats, but new threats appearing on the horizon every day.

Zero Knowledge Proof

Zero knowledge proof (ZKP) is a difficult-to-understand concept where an entity (an individual or organization) can prove something happened without having direct evidence of its occurrence. A way to understand this could come from the movie Casino, starring Robert DeNiro. In Casino, DeNiro, the casino manager fires an employee because the same slot machine produced three jackpots within minutes. The probability of a single slot machine jackpot was astronomically low, but a jackpot occurring three times within minutes was so small that it could not have happened without someone rigging the slot machine. This was an example of ZKP as DeNiro’s character had no “proof” of the fix, but knew it was rigged with zero knowledge proof. In endpoint protection software, ZKP can help the software identify threats or threat vectors without having to compromise sensitive data residing on the protected system.

The Why: The simple answer: we value your privacy! While other endpoint protection platforms make a carbon copy of your hard drive (to “protect” it), OpenAVN uses Zero-Knowledge Proofs to assess the safety and vulnerability of your system withoutcompromising the privacy of your data. By examining the metadata surrounding a computer’s files using ZNPs, OpenAVN’s products can identify malware or system vulnerabilities without seeing users’ personal data.