Ceedo Technologies was originally founded as a software virtualization platform by Dror Wettenstein in 2005. Since then, Ceedo has been using virtualization technology to make productivity tools for individual and enterprise use. In recent years, the company has followed the rising global trend of employment of virtualization in cybersecurity and shifted its focus to that industry.
Ceedo Personal was a portable operating system that allowed users to carry applications on portable media, running them inside a virtual environment, while using resources from the host PC. Applications were launched in an independent environment, allowing them to run regardless of the specific settings of the host computer. Ceedo Personal has been licensed by consumer storage vendors including Lexar, Seagate, Verbatim, Maxell, ExcelStor, Venzero and others. The product has been pre-bundled on millions of devices and sold worldwide. Ceedo Personal has often been compared to another product, U3, similar in both appearance and functionality.
Ceedo Enterprise
Introduced in 2008, Ceedo Enterprise was a version of Ceedo platform designed for business use and included remote management capabilities. Ceedo Enterprise was designed to be carried primarily on encrypted hardware and could have been customized and pre-configured. Ceedo and Citrix partnered in 2008 to create a portable version of the Citrix XenApp client.
Cybersecurity
After several years of hiatus, Ceedo resumed operations in 2016. The company continued developing virtualization technologies, with focus switched to cybersecurity. Ceedo has several patents pending for its virtualization technology.
Technology
Ceedo claims to protect computers from being compromised by using application containers. Such application containers create isolation barrier between potentially vulnerable application and the host system.
Application containers
Ceedo utilizes application containerization technology and context-basedaccess controls to isolate web-facing applications and attempt to completely separate all untrusted content from the host. Potential malware execution is privilege-restricted that way and confined only to the isolated container created by Ceedo. Ceedo's context-based approach determines context by looking at the security classification of the application/process requesting to operate on a file, the file on which it is requesting to operate, and the nature of the operation. From this context, Ceedo derives the permissions it will allow the requesting application/process, the boundaries of the security container that encapsulates its execution and the isolation policies applied to its boundaries with the host system. Ceedo containers exist solely on the host and use only local resources.
Similar solutions
Companies like Symantec and Bromium use similar containerization technologies for their products.
MalwareLocker
MalwareLocker is currently the only Ceedo product. It uses Ceedo application containers to create an isolated virtual environment and a security perimeter around the application and related data. Users can continue to use protected applications as they otherwise would, while all interactions between the application and the host computer are filtered through intelligent security checkpoints that ensure potential threats are confined to the container. The outcome is a protection measure that can be effective against all malware infections and is not dependent on threat detection. MalwareLocker is primarily sold to enterprises, and is used to protect their employees against web-borne threats. It is also used to secure endpoints from threats potentially coming from removable media or network.
Content Disarm & Reconstruction
Ceedo claims to have a partnership with leading firms in Content Disarm & Reconstruction field. This technology is used to supplement Ceedo containers and allow users to safely transfer files downloaded from the Internet.
Ceedo Cloud Management System is a web-based management system that is sold together with MalwareLocker, allowing administrators to compose and configure policies for MalwareLocker units and assign them to remote users from a central location.