Virtualization-based Security 2018-05-31T09:46:34+00:00

PROTECT BEFORE YOU DETECT

Application isolation using virtualization-based security stops attacks in real time, protecting your organization from threats, and eliminating the cycle of chasing false alerts, emergency patching, and remediation.

TACKLE MALWARE WITH VIRTUALIZATION

Application isolation provides benefits that simply cannot be matched by traditional detect-to-protect solutions. When every threat is contained in its own micro-VM, users can click with confidence when surfing the web, using email or opening documents.

HARDWARE-ENFORCED APPLICATION ISOLATION

Bromium micro-virtualization technology uses a Xen-based security-focused hypervisor we call the Bromium Microvisor. We take advantage of the hardware features that are built into Intel® and AMD® CPUs to run each task in a single-use hardware-isolated container.

ISOLATE EACH TASK WITHIN ITS OWN MICRO-VM

When a user visits a web page, opens a document, or downloads an email attachment, Bromium creates a new micro-VM. The user experience and application performance aren’t affected. From the user’s perspective, everything works exactly the same way as it would on a regular machine. However, each task and process runs inside its own micro-VM, and is safely contained there.

EVERYTHING IN THE MICRO-VM IS CONTAINED

If a task turns out to be malicious, and malware is attempting to modify the kernel or change the master boot record, it is only making those changes within the micro-VM. There is no impact on the underlying system or other micro-VMs. When the task is closed, the micro-VM is destroyed, along with any threats it may contain.

A ‘BLACK BOX’ FLIGHT RECORDER FOR MALWARE

Each micro-VM is created to run a unique, single task. If its behavior deviates from what’s expected, that’s a sign that malware might be present. All the information about what the malware is doing is sent in real time to the SOC team via the management console.

 

Collect data on the entire kill-chain of the attack

 

Identify its command and control server(s)

 

Find out what connections the malware is making

 

Determine the malware’s target and adversary’s intention

 

Capture the malware payloads and make it available to the analysts within the SOC

SUPERIOR THREAT ANALYSIS AND NO NEED FOR REMEDIATION

BREACHLESS THREAT INTELLIGENCE™

Bromium endpoints and servers form a continuously adaptive sensor network for malware analysis and instant sharing of threat indicators. Security teams receive Breachless Threat Intelligence™ and complete kill-chain analysis reports to help find threats faster, ensuring enterprise-wide visibility and control.

DISPOSABLE ENVIRONMENTS

As soon as the task finishes, Bromium discards that micro-VM. Any malware that may have been present is removed from the system, with no risk of cross-contamination and no need for cleanup or re-imaging of the PCs.

DETECTION RELIES ON PATIENT-ZERO INFECTION — BROMIUM DOESN’T

The anti-malware security industry has tried everything: signatures, heuristics, sandboxing, artificial intelligence, predictive analytics, machine learning, and neural networks. Yet none of these solutions can fully protect organizations from attacks. Application isolation helps you:

  • Protect your intellectual property, customer data, people, and your brand
  • Reduce your threat surface and protect endpoints with hardware-based security
  • Endpoints remain protected while native application performance and usability are unaffected
  • Breachless Threat Alerts™ show full kill-chain analysis
  • No malware escape has ever been reported by our customers

See Bromium in Action

Put an end to malware and attacks once and for all. Request a demo of the Bromium Secure Platform to learn how Bromium uses virtualization-based security to isolate applications and stop threats. Complete the form to request a demo.

Thank you! The information has been submitted successfully.
0 Shares
Share
Tweet
Share

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close