Bromium Aims to Protect Users on the Move with Upgraded Virtualization Software
The company can now also capture hacker activities and play them back later
Tue, June 11, 2013
IDG News Service (London Bureau) — Bromium's small virtual machines have been updated to protect users who send documents or connect to public wireless hotspots when on the move.
The core of Bromium's vSentry software uses Intel CPU hardware features to isolate untrustworthy tasks on Windows in a micro-VM on the fly, and guarantees that any malware the users come across will be defeated and discarded without the user noticing, according to the company.
"Our goal is that the user should have absolutely no idea that we are there," said Simon Crosby, co-founder and CTO at Bromium.
With vSentry 2.0, which became generally available on Tuesday, Bromium protects users that access enterprise applications via wireless hotspots or other untrusted networks. Whether the apps are hosted or run in the enterprise's own data center, the technology provides end-to-end security, according to Crosby.
The portal used to log in to the untrusted network runs separately in a micro-VM.
"When the bad guy shows up in that context he doesn't see anything beyond the login site. I want to be very clear about this: the bad guy will not see any keystrokes, mouse clicks or any other application on the desktop. So there is no way he can steal anything," Crosby said.
The upgrade also offers protection when users are exchanging documents. Up to now, products have forced users to make a decision on whether, for example, a Word document is secure or not. But with vSentry 2.0 that is no longer the case.
"We give the user a completely native experience for Word or whatever the tool is, but it always runs in a micro-VM," Crosby said.
An important part of Bromium's offering is the ability to collect attack data for analysis using the Live Attack Visualization and Analysis (LAVA) engine -- giving security staff in-depth information about attacks in real-time.
"In version 1, we essentially gave you a trace of the malware's activity, but now we actually capture the malware and keep it for forensic evidence. Allowing the attack to be replayed in order to learn more about it," Crosby said.
Bromium has also added support for Structured Threat Information eXpression (STIX) to LAVA, which is an emerging XML standard for threat information.
For any upstart -- especially one that like Bromium does things differently -- customer references are important to show that its software or hardware can be trusted.
"The language in the security market is totally bankrupt, because all the vendors claim they are secure and they all lie and customers know that. So you can go out there and say whatever you want until you are blue in the face and nobody will believe you," Crosby said.
When claims are backed up by high-caliber references, however, they start to resonate. It's a critical step for Bromium, then, to able to say that NYSE Euronext uses vSentry, according to Crosby.
Bromium is working on adding support for a number of other operating systems in addition to Windows 7, including Windows 8 and Mac OS X.
"Windows 8 is actively being demoed to customers. The bit that hasn't landed yet is all the Metro support. Android is also being demoed and Mac is going into beta," Crosby said.
The list price for vSentry 2.0 is $150 per seat, with volume discounts available.
Send news tips and comments to email@example.com