Agent Data Security

The Myrmex agent combines a trust model with established cryptographic practices so that only legitimate devices can register and communicate with the Myrmex Security Platform, preserving data confidentiality and integrity. To that end, Myrmex Endpoint Security uses asymmetric cryptography (4096-bit RSA), symmetric cryptography (AES-256-GCM), and secure transport (TLS 1.3). The practices and protection layers follow the Zero Trust paradigm: each device must prove its legitimacy at all times. Below, we detail each step of the Myrmex Agent integration and security process, highlighting the protection mechanisms and the algorithms applied.

Installer and Temporary Token

The first point of contact between the organization and the Myrmex Agent is the installer, which is accompanied by a temporary token valid for 24 hours. The token allows multiple installations during that period, streamlining onboarding, but becomes unusable once it expires, which limits the window for misuse.
  • Controlled Distribution: The 24-hour validity drastically reduces the risk of unauthorized installations.
  • Scalable Convenience: Allows the use of a single installer on multiple endpoints, speeding up initial deployment.
  • Risk Mitigation: If the installer is obtained by third parties, it becomes invalid after the token expires.

Certificate Generation (4096-bit RSA Keys)

After installation, the agent locally generates a 4096-bit RSA key pair, consisting of a public key and a private key. This key length provides robust security against computational attacks.
  • Secure Creation and Storage:
    • The private key remains on the device, protected by restricted permissions.
    • The public key is sent to the server for registration and validation.
  • Benefits of RSA 4096:
    • Factoring Difficulty: The security of RSA relies on the difficulty of factoring large numbers, which makes breaking a key of this size computationally infeasible.
    • Cryptographic Longevity: Maintains its robustness even against future advances in computing power.

Initial Registration and ID Issuance

With the RSA keys generated, the agent registers with the Myrmex Security Platform, receiving a unique ID that permanently identifies it.
  • Token and Public Key Submission:
    • The information is sent to the server over a secure TLS channel.
    • The server validates the token and registers the public key.
  • ID Return:
    • The server generates and returns a unique ID to the endpoint, which stores it as its official identity on the platform.

Authentication via Private Key (Zero Trust)

After registration, the agent proves it possesses the private key corresponding to the registered public key, implementing the Zero Trust principle.
  • Signing and Verification Process:
    • The agent signs its ID (or encrypts it) with the private key.
    • The server verifies the signature (or decrypts the message) with the registered public key.
  • Additional Security:
    • Impersonation Prevention: Without the private key, the correct signature cannot be reproduced.
    • Continuous Revalidation: The system may request new authentications periodically.
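The following Go program is an added illustration of the registration and proof-of-possession flow described in the Installer, Certificate Generation, Initial Registration and Authentication sections above; it is not Myrmex code and does not reflect the platform's real protocol. The installer token, the "agent-NNNNNN" ID format, the 24-hour window and the use of RSA-PSS over SHA-256 as the signature scheme are all assumptions made for the example. The platform side keeps only public keys; the agent's private key never leaves the AgentIdentity value.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// Platform stands in for the Myrmex Security Platform registry: the
// installer token with its expiry, and registered public keys indexed
// by the ID issued to each agent.
type Platform struct {
	installerToken string
	tokenExpiry    time.Time
	registered     map[string]*rsa.PublicKey
	nextID         int
}

func NewPlatform(token string, expiry time.Time) *Platform {
	return &Platform{installerToken: token, tokenExpiry: expiry,
		registered: map[string]*rsa.PublicKey{}}
}

// Register validates the temporary token and records the public key,
// returning the agent's permanent ID. The token is compared in constant time.
func (p *Platform) Register(token string, pub *rsa.PublicKey, now time.Time) (string, error) {
	if subtle.ConstantTimeCompare([]byte(token), []byte(p.installerToken)) != 1 {
		return "", errors.New("unknown installer token")
	}
	if !now.Before(p.tokenExpiry) {
		return "", errors.New("installer token expired")
	}
	p.nextID++
	id := fmt.Sprintf("agent-%06d", p.nextID) // constructed ID format, not Myrmex's
	p.registered[id] = pub
	return id, nil
}

// VerifyAgent checks a proof-of-possession signature against the public key
// registered for the claimed ID; unknown IDs and foreign keys are rejected.
func (p *Platform) VerifyAgent(id string, sig []byte) bool {
	pub, ok := p.registered[id]
	if !ok {
		return false
	}
	digest := sha256.Sum256([]byte(id))
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) == nil
}

// AgentIdentity is what the endpoint keeps locally: the private key, which
// never leaves the device, and the platform-issued ID.
type AgentIdentity struct {
	PrivateKey *rsa.PrivateKey
	ID         string
}

// GenerateAgentKey creates the agent's RSA key pair. The page specifies
// 4096-bit keys; the size is a parameter so tests can use a smaller one.
func GenerateAgentKey(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// ProveIdentity signs the ID with the private key (RSA-PSS over SHA-256 is
// the assumed scheme; the page does not name one).
func (a *AgentIdentity) ProveIdentity() ([]byte, error) {
	digest := sha256.Sum256([]byte(a.ID))
	return rsa.SignPSS(rand.Reader, a.PrivateKey, crypto.SHA256, digest[:], nil)
}

func main() {
	now := time.Now()
	platform := NewPlatform("constructed-installer-token", now.Add(24*time.Hour))
	key, err := GenerateAgentKey(4096)
	if err != nil {
		panic(err)
	}
	id, err := platform.Register("constructed-installer-token", &key.PublicKey, now)
	if err != nil {
		panic(err)
	}
	agent := &AgentIdentity{PrivateKey: key, ID: id}
	sig, _ := agent.ProveIdentity()
	fmt.Printf("registered as %s, proof accepted: %v\n", id, platform.VerifyAgent(id, sig))
	// The same installer a day later: the token has expired.
	_, err = platform.Register("constructed-installer-token", &key.PublicKey, now.Add(25*time.Hour))
	fmt.Println("late registration:", err)
}
```

Two details matter for the Zero Trust property the section describes: the platform never accepts an ID on its own, only an ID together with a signature that verifies under the key registered for that ID, and a key generated by anyone else produces a signature that fails that check. The time value is passed in explicitly so the expiry rule can be exercised without waiting a day.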

Symmetric Key Distribution (AES-256)

Because symmetric encryption is far more efficient for bulk data traffic, the server generates an AES-256 symmetric key and sends it securely to the agent.
  • Symmetric Key Encryption:
    • The AES key is encrypted with the device’s public key.
    • Only the agent, with its private key, can decrypt it.
  • Secure Storage:
    • The AES key is kept in the agent’s memory for real-time use.

Encrypted Session and Continuous Zero Trust

After obtaining the AES-256 key, Myrmex Endpoint Security establishes a secure session with the Myrmex Security Platform.
  • Encryption Layers:
    • TLS 1.3: All traffic is encapsulated by TLS, ensuring privacy and protection during transport.
    • AES-256-GCM: Data is additionally encrypted with AES-256-GCM, which authenticates each packet as well as encrypting it.
  • Continuous Zero Trust:
    • Even when connected, the device is not automatically trusted.
    • The platform may require additional validations, such as rekeying or authentication challenges.

Key Rotation and Layered Security

To maintain high security levels, Myrmex employs key rotation routines and overlapping cryptographic layers.
  • Key Rotation (Rekeying):
    • The server can request the generation of a new AES key if compromise is suspected.
  • TLS with Ephemeral Keys:
    • TLS session keys are ephemeral: they are generated for each session and never reused, which prevents replay attacks.
  • Protection Layers:
    • If one layer is compromised (e.g., TLS), the data remains protected by AES-256 encryption.
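The Go program below is an added example covering the three preceding sections (Symmetric Key Distribution, Encrypted Session, and Key Rotation); it is not Myrmex code and does not describe the platform's actual wire format. Assumptions made for the example: the AES key is wrapped with RSA-OAEP/SHA-256 (the page only says it is encrypted with the device's public key), each packet is laid out as nonce || ciphertext || tag, the agent ID is bound to every packet as GCM additional authenticated data, and the "agent-000001" ID and OAEP label are constructed values. The TLS layer is not modelled here; this is only the inner AES-256-GCM layer that the page says keeps data protected even if TLS is compromised.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Session holds one side's state for the encrypted session: the agent ID,
// bound to every packet as additional authenticated data, and the AES-256-GCM
// instance for the current key, which lives only in memory.
type Session struct {
	AgentID string
	aead    cipher.AEAD
}

// NewSessionKey is the platform side: a fresh random 32-byte AES-256 key.
func NewSessionKey() ([]byte, error) {
	key := make([]byte, 32)
	_, err := io.ReadFull(rand.Reader, key)
	return key, err
}

// oaepLabel ties the wrapped key to its purpose (constructed value).
var oaepLabel = []byte("myrmex-session-key")

// WrapSessionKey encrypts the AES key under the agent's registered public key
// (RSA-OAEP with SHA-256 is the assumed padding).
func WrapSessionKey(pub *rsa.PublicKey, key []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, oaepLabel)
}

// UnwrapSessionKey is the agent side: only the private-key holder recovers it.
func UnwrapSessionKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, oaepLabel)
}

// Install sets the session key; it is called for the initial key and again
// on every rekey, so the previous key is dropped from memory.
func (s *Session) Install(key []byte) error {
	if len(key) != 32 {
		return errors.New("AES-256 requires a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	s.aead, err = cipher.NewGCM(block)
	return err
}

// Seal produces one packet: random 96-bit nonce || ciphertext || 16-byte tag.
func (s *Session) Seal(plaintext []byte) ([]byte, error) {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return s.aead.Seal(nonce, nonce, plaintext, []byte(s.AgentID)), nil
}

// Open checks the tag, which covers the ciphertext and the AgentID, before
// releasing any plaintext; a modified packet or a foreign key fails here.
func (s *Session) Open(packet []byte) ([]byte, error) {
	n := s.aead.NonceSize()
	if len(packet) < n+s.aead.Overhead() {
		return nil, errors.New("packet too short")
	}
	return s.aead.Open(nil, packet[:n], packet[n:], []byte(s.AgentID))
}

func main() {
	agentKey, _ := rsa.GenerateKey(rand.Reader, 4096)
	key, _ := NewSessionKey()
	wrapped, _ := WrapSessionKey(&agentKey.PublicKey, key)
	recovered, _ := UnwrapSessionKey(agentKey, wrapped)
	fmt.Println("agent recovered the session key:", bytes.Equal(key, recovered))

	server := &Session{AgentID: "agent-000001"} // constructed ID
	agent := &Session{AgentID: "agent-000001"}
	server.Install(key)
	agent.Install(recovered)
	packet, _ := server.Seal([]byte("policy update"))
	plain, err := agent.Open(packet)
	fmt.Printf("decrypted %q (err=%v)\n", plain, err)

	packet[len(packet)-1] ^= 0x01 // one bit of the tag altered in transit
	_, err = agent.Open(packet)
	fmt.Println("tampered packet rejected:", err)
}
```

Rekeying in this model is simply both sides calling Install with a newly wrapped key: packets sealed under the old key stop opening, which is the behaviour the Key Rotation section relies on. A practical caveat for any AES-GCM design with random nonces is that the number of packets per key must stay well below the 96-bit-nonce collision limit, so periodic rekeying is a correctness requirement of the cipher as well as a compromise-recovery measure.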