Developed a Next-Gen EDR Platform to Combat Ransomware at Scale

A VoidStarIndia Case Study

Client Overview

Our client is a US-based cybersecurity company specializing in next-generation security solutions for enterprise customers. The company focuses on building products that help organizations stay ahead of evolving cyber threats such as ransomware, advanced malware, and insider attacks.

As part of their growth strategy, the client wanted to expand their portfolio with a next-generation Endpoint Detection & Response (EDR) solution. To achieve this, they required a technology partner with deep expertise in operating system internals, kernel-level programming, and cross-platform development across Windows, macOS, and Linux. Their vision was to deliver an EDR solution that not only detects threats but also prevents attacks in real time, offering enterprises stronger protection and control over their endpoints.

Team Strength

VoidStarIndia brought in a dedicated engineering team with the right mix of expertise and scale to meet the client’s requirements:

  • Team Size: 10+ engineers dedicated to the project
  • Core Expertise: Kernel development, OS internals, endpoint security, malware analysis, and cross-platform system programming
  • Experience: Each engineer had 4–8 years of hands-on experience, and the team as a whole had prior experience shipping cybersecurity products.
  • Capabilities: Ability to work across Windows, macOS, and Linux simultaneously, ensuring faster delivery of cross-platform features

This strong foundation allowed the client to accelerate development without building a large in-house team, while maintaining enterprise-grade quality and reliability.

Challenges

The client initially trialled several technology vendors on small tasks, and signed a contract with us after seeing the quality of our deliveries on those tasks. They needed a partner with the deep operating-system expertise and kernel-level security engineering required to build a robust next-gen EDR solution. Specifically, they needed:

  • Cross-platform capabilities across Windows, macOS, and Linux
  • Expertise in kernel programming for advanced visibility and control
  • A trusted partner to accelerate product development without compromising on security or performance

Our Approach

VoidStarIndia collaborated closely with the client’s product team and developed critical system-level components, including:

  • Kernel drivers & system extensions: Windows mini-filter and WFP callout drivers (file-system I/O and network traffic respectively), macOS system extensions, and Linux kernel modules that collect real-time activity data from unknown applications.
  • User-mode detection engine: A custom-built engine that consumes the kernel telemetry and analyzes it for suspicious behavior.
  • Real-time virtualization: Running unknown applications in an isolated container so that ransomware and other high-impact threats cannot reach sensitive user data.
  • Deep system visibility: Low-level telemetry via the kernel drivers for high-fidelity detection and response.
  • Admin control features: Terminating malicious processes, closing their handles, and removing suspicious drivers or services.
  • Centralized web-based console and endpoint agents: Streamlined management and coordinated threat response across the enterprise.
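To make the "user-mode detection engine" concrete, the following is an added illustration of the kind of behavioral scoring such an engine performs over kernel telemetry. It is not code from the case study or the client's product. The event schema, the thresholds, the ransom-note name markers and the weights are all assumptions chosen for the example; the sample events are constructed inline so the script runs offline.

```python
"""Toy ransomware behavior scorer over file-system telemetry (added example)."""
import math
import os
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class FileEvent:
    """One file-system event as a kernel sensor might forward it (assumed schema)."""
    ts: float            # seconds since boot
    pid: int
    op: str              # "create" | "write" | "rename" | "delete"
    path: str
    new_path: str = ""   # rename target
    data: bytes = b""    # sample of the bytes written (write only)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8.0 for ciphertext or compressed data, ~4-5 for text."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


@dataclass
class ProcState:
    window_start: float = 0.0
    files_written: set = field(default_factory=set)
    high_entropy_writes: int = 0
    ext_changes: int = 0
    note_drops: int = 0


class RansomwareScorer:
    WINDOW_SECONDS = 10.0                          # assumed tuning values
    ENTROPY_THRESHOLD = 7.5
    NOTE_MARKERS = ("readme", "decrypt", "recover")  # assumed ransom-note name hints
    ALERT_THRESHOLD = 5

    def __init__(self) -> None:
        self.procs = defaultdict(ProcState)

    def observe(self, ev: FileEvent) -> None:
        st = self.procs[ev.pid]
        if ev.ts - st.window_start > self.WINDOW_SECONDS:   # start a fresh window
            st = self.procs[ev.pid] = ProcState(window_start=ev.ts)
        if ev.op == "write":
            st.files_written.add(ev.path)
            if shannon_entropy(ev.data) >= self.ENTROPY_THRESHOLD:
                st.high_entropy_writes += 1
        elif ev.op == "rename":
            old_ext = os.path.splitext(ev.path)[1].lower()
            new_ext = os.path.splitext(ev.new_path)[1].lower()
            if old_ext and new_ext != old_ext:
                st.ext_changes += 1
        elif ev.op == "create":
            name = os.path.basename(ev.path).lower()
            if any(m in name for m in self.NOTE_MARKERS):
                st.note_drops += 1

    def score(self, pid: int) -> tuple[int, list[str]]:
        """Weighted sum of indicators seen in the current window, plus reasons."""
        st = self.procs[pid]
        checks = [
            (len(st.files_written) >= 20, 2, "mass writes to distinct files"),
            (st.high_entropy_writes >= 10, 2, "repeated high-entropy writes"),
            (st.ext_changes >= 10, 2, "repeated extension-changing renames"),
            (st.note_drops >= 1, 3, "ransom-note-like file created"),
        ]
        return sum(w for hit, w, _ in checks if hit), [r for hit, _, r in checks if hit]

    def is_ransomware_like(self, pid: int) -> bool:
        return self.score(pid)[0] >= self.ALERT_THRESHOLD


def constructed_events() -> list[FileEvent]:
    """Constructed telemetry: pid 100 edits a few notes, pid 200 mass-encrypts."""
    text = b"meeting notes: review the Q3 budget\n" * 30
    cipher = bytes(range(256)) * 4          # uniform bytes stand in for ciphertext
    evs = [FileEvent(500.0 + i, 100, "write", f"/home/a/notes{i}.txt", data=text)
           for i in range(3)]
    t = 1000.0
    for i in range(25):
        src = f"/home/a/docs/report{i}.docx"
        evs.append(FileEvent(t, 200, "write", src, data=cipher))
        evs.append(FileEvent(t + 0.05, 200, "rename", src, new_path=src + ".locked"))
        t += 0.1
    evs.append(FileEvent(t, 200, "create", "/home/a/docs/README_DECRYPT.txt"))
    return evs


def run_demo() -> dict[int, int]:
    scorer = RansomwareScorer()
    for ev in constructed_events():
        scorer.observe(ev)
    return {pid: scorer.score(pid)[0] for pid in (100, 200)}


if __name__ == "__main__":
    s = RansomwareScorer()
    for ev in constructed_events():
        s.observe(ev)
    for pid in (100, 200):
        print(pid, s.score(pid), "ALERT" if s.is_ransomware_like(pid) else "ok")
```

In a real product the scorer's verdict would feed the admin-control path (terminate the process, close its handles) and the containment layer; here it only returns a score and the reasons behind it, which is also what an analyst wants surfaced in the console so the alert is explainable.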

Results

  • The client successfully launched a next-gen EDR product capable of detecting and preventing ransomware and other advanced threats in real time.
  • Achieved cross-platform coverage with strong system-level visibility.
  • Gained the ability to deliver proactive threat prevention rather than relying solely on detection.
  • Established a long-term strategic partnership — we have been working with the client for over 5 years to continuously enhance their security product portfolio.