Hypervisor Security, Presentation by Ian Pratt

Blog Hypervisor Security, Presentation by Ian Pratt

Blog-Platform-Security-Summit

September 26, 2018 Category: Innovation By: Jessica Morales Comments: 0

Hypervisor Security, Presentation by Ian Pratt

  • Bromium’s co-founder Ian Pratt delivered an insightful talk about hypervisors at Black Hat USA
  • In his talk, Ian examines the evolution of hypervisor design, architecture, and technology over the years
  • If you have missed Ian’s session at Black Hat, you can watch his presentation on hypervisors from @pltformsec here

Micro-virtualization is a powerful concept that enables an endpoint to secure itself “by design”. It relies on the built-in features of Intel CPU to hardware isolate each untrusted user task, such as opening a browser tab, downloading a document, or clicking on a link. These hardware-isolated tasks are contained within disposable micro-VMs, which protect the OS and other tasks from malware. All changes to system state are saved in a throwaway cache, and upon the termination of the task, the micro-VM and the cache are simply discarded, along with any malware.

Hypervisors play a key role in virtualization-based security, helping reduce an attack surface and enable robust isolation and containment in a way that operating systems have proven too complex to provide.

At Black Hat, Bromium’s co-founder Ian Pratt delivered an insightful talk about hypervisors, their history, architecture, design, and growing role in enterprise security. Ian has been intimately involved with this technology – having built four hypervisors over the span of 17 years, including Xen, XenClient, Bromium vSentry, and AX.

Anyone who is familiar with the concept of virtualization should find his talk particularly interesting and perceptive – especially the parts where Ian examines the evolution of the hypervisor and discusses how his team has used technology and hardware features available at the time to advance virtualization capabilities. Ian looks back at design and architecture decisions that he and his colleagues made for each iteration of the hypervisor and assesses how those decisions have stood the test of time, through security research and adversary action.

Even if you have missed Ian’s talk at Black Hat – you are in luck. Ian delivered a similar technical presentation at the Platform Security Summit, and @pltformsec has been very generous to share the recording of Ian’s session with us.

We would like to invite you to dive deep into the elegant complexity of a hypervisor design by watching Ian’s talk: “Hypervisor Security: Lessons Learned”. If you have any follow-up questions or have a story to tell about your own experience with hypervisors, please leave a comment, or contact Bromium, and we would be happy to continue the dialog.

 

Subscribe

Enter your email address to receive notifications.

About the Author

Jessica Morales

Jessica Morales

Recent Posts

Categories
2018-09-26T11:56:24+00:00September 26th, 2018|Innovation|

Leave a Reply

See Bromium in Action

Put an end to malware and attacks once and for all. Request a demo of the Bromium Secure Platform to learn how Bromium uses virtualization-based security to isolate applications and stop threats. Complete the form to request a demo.

Thank you! The information has been submitted successfully.
Share
Tweet
Share

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close