PROTECT BEFORE YOU DETECT
Application isolation using virtualization-based security stops attacks in real time, protecting your organization from threats, and eliminating the cycle of chasing false alerts, emergency patching, and remediation.
TACKLE MALWARE WITH VIRTUALIZATION
Application isolation provides benefits that simply cannot be matched by traditional detect-to-protect solutions. When every threat is contained in its own micro-VM, users can click with confidence when surfing the web, using email or opening documents.
HARDWARE-ENFORCED APPLICATION ISOLATION
Bromium micro-virtualization technology uses a Xen-based security-focused hypervisor we call the Bromium Microvisor. We take advantage of the hardware features that are built into Intel® and AMD® CPUs to run each task in a single-use hardware-isolated container.
ISOLATE EACH TASK WITHIN ITS OWN MICRO-VM
When a user visits a web page, opens a document, or downloads an email attachment, Bromium creates a new micro-VM. The user experience and application performance aren’t affected. From the user’s perspective, everything works exactly the same way as it would on a regular machine. However, each task and process runs inside its own micro-VM, and is safely contained there.
EVERYTHING IN THE MICRO-VM IS CONTAINED
If a task turns out to be malicious, and malware is attempting to modify the kernel or change the master boot record, it is only making those changes within the micro-VM. There is no impact on the underlying system or other micro-VMs. When the task is closed, the micro-VM is destroyed, along with any threats it may contain.
A ‘BLACK BOX’ FLIGHT RECORDER FOR MALWARE
Each micro-VM is created to run a unique, single task. If its behavior deviates from what’s expected, that’s a sign that malware might be present. All the information about what the malware is doing is sent in real time to the SOC team via the management console.
Collect data on the entire kill-chain of the attack
Identify its command and control server(s)
Find out what connections the malware is making
Determine the malware’s target and adversary’s intention
Capture the malware payloads and make it available to the analysts within the SOC
SUPERIOR THREAT ANALYSIS AND NO NEED FOR REMEDIATION
BREACHLESS THREAT INTELLIGENCE™
Bromium endpoints and servers form a continuously adaptive sensor network for malware analysis and instant sharing of threat indicators. Security teams receive Breachless Threat Intelligence™ and complete kill-chain analysis reports to help find threats faster, ensuring enterprise-wide visibility and control.
As soon as the task finishes, Bromium discards that micro-VM. Any malware that may have been present is removed from the system, with no risk of cross-contamination and no need for cleanup or re-imaging of the PCs.
DETECTION RELIES ON PATIENT-ZERO INFECTION — BROMIUM DOESN’T
The anti-malware security industry has tried everything: signatures, heuristics, sandboxing, artificial intelligence, predictive analytics, machine learning, and neural networks. Yet none of these solutions can fully protect organizations from attacks. Application isolation helps you:
- Protect your intellectual property, customer data, people, and your brand
- Reduce your threat surface and protect endpoints with hardware-based security
- Endpoints remain protected while native application performance and usability are unaffected
- Breachless Threat Alerts™ show full kill-chain analysis
- No malware escape has ever been reported by our customers