Guardtime’s Black Lantern® hardware platform is an interface between the organization’s operational environment and the KSI infrastructure, designed to survive in the most austere environments, where physical and virtual control over the device or attached network could be absent. 

Using active-defense measures, the Black Lantern protects itself and your network from a growing arsenal of nation-state cyber threats, threats to/from uncontrolled physical assets, and insider threats.

Defends Itself Against Remote and Physical Attacks

  • Active Monitoring of executable code during run-time
  • Denial of Service attack resistance via OSI policing
  • Authenticated and encrypted communications channels
Black Lantern software is encrypted at rest using ETSI approved encryption algorithms. The hardware is incapable of executing unsigned code; it will not boot if the software and hardware runtime environment is not authentic.
  • All operating software is signed and encrypted at rest
  • Hardware is resistant to cryptanalysis attacks 
  • Escalated tampering results in heightened security reactions to preserve the resilience of Black Lantern and connected assets

Black Lantern uses advanced ASICs with customized tamper and escalation protection features for added security given a variety of attack vectors.  

  • Reports any attempt of tampering to SOC
  • Real-time alert on suspected Black Lantern peer-tampering
  • Provides critical operational metrics to NOC

Black Lantern Key Benefits

Black Lantern is self-protecting. Tamper events are immediately evident and Black Lantern engages protection mechanisms to wipe keys and software, rendering the system inoperable, or into various maintenance modes.

It is not possible to use Black Lantern to stage an attack, either against a Black Lantern itself, or against other assets in your network.

Black Lantern provides:
  • Secure KSI Facilitation
  • Real-time Threat Detection
  • Real-time Incident Response
  • High Availability & Redundancy
  • Active Self-Defense Mechanisms
  • Security Reaction Monitors
  • Real-Time SOC Escalation
  • Content-Aware Network Stack
  • Secure Signed Updates
  • Network Ingress Protection
  • Continuous Monitoring
  • Guaranteed QoS & SLA’s