Our innovative solutions — which include vSentry deployed at the endpoint and LAVA (Live Attack Visualization and Analysis) deployed in the security operations center (SOC) — are built on the Bromium Microvisor, which leverages virtualization hardware built into modern endpoint systems to defeat and record, analyze and display previously undectable attacks.
Bromium products are designed to deal with the inescapable realities of vulnerable software and targeted persistent attacks that trick users into executing malware that is impossible to detect or prevent using traditional tools. Bromium products not only protect the endpoint but also make the entire enterprise security infrastructure more effective and less expensive to use by providing unmatched visibility into an attackers strategy, tactics and techniques.
View Malware Behavior in Realtime
LAVA offers a precise and detailed view of malware behavior in real time. LAVA runs on the Bromium Management Server (BMS) and provides insight into an attack’s origins, techniques and targets. Every Bromium-enabled endpoint forwards alerts and detailed forensic evidence to LAVA. LAVA delivers post-exploitation analysis and categorization of the complete attack cycle. Full samples of malware are provided for in-depth analysis by the security team, and signatures of unknown malware are generated in real time for use throughout the enterprise. Intelligence can be shared via standardized STIX/MAEC reports with partners and vendors, extending the benefits of LAVA beyond the protected organization itself.
Respond to Threats Quickly and Efficiently
Security organizations consume valuable time and resources reacting to routine attacks encountered in the course of doing business on the web. Because of limited resources dedicated to analysis, it is often the case that the same attack will continuously be used to penetrate an organization. LAVA automates a normally time-intensive process, enabling security teams to quickly identify previously unknown attacks from common malware and determine who within the organization is targeted. Armed with this information, enterprise security teams can respond to threats quickly and efficiently by updating existing security mechanisms, fortifying the defenses of specific attack targets and alerting the targets of the attack to be aware of the threat. This comprehensive, real-time view into all endpoint malware attacks is what separates LAVA from legacy products.