Bromium: Difference between revisions
Magioladitis (talk | contribs) m Improved article to match Manual of Style, References after punctuation per WP:CITEFOOT and WP:PAIC using AWB (12151) |
Samuelrndc (talk | contribs) m Remove obvious biases and make text more neutral. No substantive changes. |
||
Line 17: | Line 17: | ||
}} |
}} |
||
'''Bromium''' is a [[venture capital]]–backed startup based in [[Cupertino, California|Cupertino]], [[California]], that works with [[virtualization technology]]. Bromium focuses on [[virtual hardware]] to eliminate endpoint computer threats like [[computer virus|viruses]], [[malware]], and [[adware]]. |
'''Bromium''' is a [[venture capital]]–backed startup based in [[Cupertino, California|Cupertino]], [[California]], that works with [[virtualization technology]]. Bromium focuses on [[virtual hardware]] claiming to reduce or eliminate endpoint computer threats like [[computer virus|viruses]], [[malware]], and [[adware]]. |
||
==History== |
==History== |
||
Line 30: | Line 30: | ||
==Technology== |
==Technology== |
||
[[File:Bromium-endpoint-capabilities.png|thumb|upright=1.3|Bromium "micro-virtualization"]] |
[[File:Bromium-endpoint-capabilities.png|thumb|upright=1.3|Bromium "micro-virtualization"]] |
||
Bromium's technology is called micro-virtualization, and it |
Bromium's technology is called micro-virtualization, and it's designed to protect computers from [[Malware|malicious]] code execution initiated by the end user, including rogue web links, email attachments and other files.<ref name=Metz>{{cite news|last=Metz|first=Cade|title=Simon Crosby ‘Inverts Your Brain’ With Tiny Virtual Machine|url=https://www.wired.com/wiredenterprise/2012/06/crosby-bromium-microvisor/all/|newspaper=Wired|date=June 20, 2012}}</ref> Its virtualization technology relies on hardware isolation for protection.<ref>{{cite news|last=Chao|first=Jude|title=Bromium Promises Unbreakable Protection for the Modern Enterprise|url=http://www.enterprisenetworkingplanet.com/print/netsecur/bromium-promises-unbreakable-protection-for-the-modern-enterprise-1.html|newspaper=Enterprise Networking Planet|date=September 5, 2013}}</ref> |
||
It is implemented by a late-load hypervisor called a Microvisor, which is based on the open source Xen [[hypervisor]]. The Microvisor is similar in concept to a traditional [[hypervisor]] that’s installed on a [[Server (computing)|server]] or desktop’s [[operating system]]. Traditional VMs are full versions of an operating system (complete with full suites of applications), but the Microvisor uses the hardware virtualization present on desktop processors to create micro-VMs which are specialized virtual machines tailored to support a specific task.<ref name=Harris>{{cite news|last=Harris|first=Derrick|title=How Bromium lets bad guys in and still keeps data safe|url=http://gigaom.com/2012/06/20/how-bromium-lets-bad-guys-in-and-still-keeps-data-safe/|accessdate=February 28, 2014|newspaper=GigaOM|date=June 20, 2012}}</ref> When a new application is opened, a link is clicked on, or an email attachment is downloaded, the Microvisor creates a micro-VM tailored to that specific task with access to only those resources required to execute.<ref name=Metz/><ref name=Harris/> By placing all vulnerable tasks inside micro-VMs that are tied to the hardware, there is no way for malware to work through a sandbox layer and attack the host environment (i.e. the operating system in which micro-VMs are executed). Each process gets its own micro-VM, and that VM is dissolved when the process stops, taking any malware with it. |
It is implemented by a late-load hypervisor called a Microvisor, which is based on the open source Xen [[hypervisor]]. The Microvisor is similar in concept to a traditional [[hypervisor]] that’s installed on a [[Server (computing)|server]] or desktop’s [[operating system]]. Traditional VMs are full versions of an operating system (complete with full suites of applications), but the Microvisor uses the hardware virtualization present on desktop processors to create micro-VMs which are specialized virtual machines tailored to support a specific task.<ref name=Harris>{{cite news|last=Harris|first=Derrick|title=How Bromium lets bad guys in and still keeps data safe|url=http://gigaom.com/2012/06/20/how-bromium-lets-bad-guys-in-and-still-keeps-data-safe/|accessdate=February 28, 2014|newspaper=GigaOM|date=June 20, 2012}}</ref> When a new application is opened, a link is clicked on, or an email attachment is downloaded, the Microvisor creates a micro-VM tailored to that specific task with access to only those resources required to execute.<ref name=Metz/><ref name=Harris/> By placing all vulnerable tasks inside micro-VMs that are tied to the hardware, there is no way for malware to work through a sandbox layer and attack the host environment (i.e. the operating system in which micro-VMs are executed). Each process gets its own micro-VM, and that VM is dissolved when the process stops, taking any malware with it. |
||
Line 38: | Line 38: | ||
The architecture specifically relies on [[x86 virtualization]] to guarantee that task-specific [[mandatory access control|mandatory access control (MAC)]] policies will be executed whenever a micro-VM attempts to access key [[Windows]] services.<ref>{{cite news|last=Madden|first=Brian|title=What Bromium is and How it Works|url=http://www.brianmadden.com/blogs/guestbloggers/archive/2012/09/20/guest-blog-from-simon-crosby-explaining-what-bromium-is-and-how-it-works.aspx|newspaper=BrianMadden.com|date=September 20, 2012}}</ref> Since Micro-VMs are hardware-isolated from each other and from the protected OS, trusted and untrusted tasks can coexist on a single system with mutual isolation.<ref>{{cite news|last=Boulton|first=Clint|title=Startups Develop Next-Generation Cyber Defenses|url=http://blogs.wsj.com/cio/2012/07/25/startups-develop-next-generation-cyber-defenses/|newspaper=The Wall Street Journal|date=July 25, 2012}}</ref> |
The architecture specifically relies on [[x86 virtualization]] to guarantee that task-specific [[mandatory access control|mandatory access control (MAC)]] policies will be executed whenever a micro-VM attempts to access key [[Windows]] services.<ref>{{cite news|last=Madden|first=Brian|title=What Bromium is and How it Works|url=http://www.brianmadden.com/blogs/guestbloggers/archive/2012/09/20/guest-blog-from-simon-crosby-explaining-what-bromium-is-and-how-it-works.aspx|newspaper=BrianMadden.com|date=September 20, 2012}}</ref> Since Micro-VMs are hardware-isolated from each other and from the protected OS, trusted and untrusted tasks can coexist on a single system with mutual isolation.<ref>{{cite news|last=Boulton|first=Clint|title=Startups Develop Next-Generation Cyber Defenses|url=http://blogs.wsj.com/cio/2012/07/25/startups-develop-next-generation-cyber-defenses/|newspaper=The Wall Street Journal|date=July 25, 2012}}</ref> |
||
The Microvisor’s attack surface is extremely narrow |
The Microvisor’s attack surface is extremely narrow making exploits prohibitively expensive to execute.{{citation needed|date=March 2017}} A report from NSS Labs details penetration testing of the Bromium architecture, which achieved a perfect score in defeating all malware and expert human attempts at penetration.<ref>{{cite news|last=Flood|first=Gary|title=Bromium Founders Detail Life After Xen|url=http://www.informationweek.com/security/risk-management/bromium-founders-detail-life-after-xen/d/d-id/1109061?|newspaper=InformationWeek|date=March 13, 2013}}</ref> |
||
==Products== |
==Products== |
Revision as of 12:59, 15 May 2017
Company type | Private |
---|---|
Industry | Computer Software |
Founded | 2010 |
Founders | Gaurav Banga Simon Crosby Ian Pratt |
Headquarters | , United States |
Area served | Worldwide |
Key people | Ian Pratt (Co-founder and President) Gregory Webb (CEO) Simon Crosby (CTO) Earl Charles (CFO) |
Website | www |
Bromium is a venture capital–backed startup based in Cupertino, California, that works with virtualization technology. Bromium focuses on virtual hardware claiming to reduce or eliminate endpoint computer threats like viruses, malware, and adware.
History
Bromium was founded in 2010 by Gaurav Banga, who was later joined by former Citrix and XenSource executives Simon Crosby and Ian Pratt.[1] By 2013 the company had raised a total of $75.7 million in three rounds of venture funding.[2] The rounds raised $9.2 million, $26.5 million, and $40 million respectively with venture firms such as Andreessen Horowitz, Ignition Partners, Lightspeed Venture Partners, Highland Capital Partners, Intel Capital, and Meritech Capital Partners.[1][3][2]
Bromium shipped its first product, vSentry 1.0, in Sept 2012.[4] Notable early clients include NYSE and ADP.[5]
In February 2014, the company published information about bypassing several key defenses in Microsoft's Enhanced Mitigation Experience Toolkit (EMET) by taking advantage of the inherent weakness of its reliance on known vectors of return-oriented programming (ROP) attack methods.[6]
In Feb 2016, HP and Bromium announced a partnership to build and ship a laptop with micro-virtualization technology built in,[7] starting with the HP EliteBook x360.[8]
Technology
Bromium's technology is called micro-virtualization, and it's designed to protect computers from malicious code execution initiated by the end user, including rogue web links, email attachments and other files.[9] Its virtualization technology relies on hardware isolation for protection.[10]
It is implemented by a late-load hypervisor called a Microvisor, which is based on the open source Xen hypervisor. The Microvisor is similar in concept to a traditional hypervisor that’s installed on a server or desktop’s operating system. Traditional VMs are full versions of an operating system (complete with full suites of applications), but the Microvisor uses the hardware virtualization present on desktop processors to create micro-VMs which are specialized virtual machines tailored to support a specific task.[11] When a new application is opened, a link is clicked on, or an email attachment is downloaded, the Microvisor creates a micro-VM tailored to that specific task with access to only those resources required to execute.[9][11] By placing all vulnerable tasks inside micro-VMs that are tied to the hardware, there is no way for malware to work through a sandbox layer and attack the host environment (i.e. the operating system in which micro-VMs are executed). Each process gets its own micro-VM, and that VM is dissolved when the process stops, taking any malware with it.
The microvisor enforces the principle of least privilege by isolating all applications and operating system functions within a micro-VM from interacting with any other micro-VM, the protected desktop system, or the network the protected desktop is embedded in.[12]
The architecture specifically relies on x86 virtualization to guarantee that task-specific mandatory access control (MAC) policies will be executed whenever a micro-VM attempts to access key Windows services.[13] Since Micro-VMs are hardware-isolated from each other and from the protected OS, trusted and untrusted tasks can coexist on a single system with mutual isolation.[14]
The Microvisor’s attack surface is extremely narrow making exploits prohibitively expensive to execute.[citation needed] A report from NSS Labs details penetration testing of the Bromium architecture, which achieved a perfect score in defeating all malware and expert human attempts at penetration.[15]
Products
vSentry 1.0 was available for Windows 7. vSentry requires an Intel processor with VT-x and EPT.[16]
vSentry 2.0 became available in June 2013 and offers protection when users are exchanging documents.[17]
Bromium Live Attack Visualization and Analysis (LAVA) was released in 2014 and provided the ability to collect attack data detected within a micro-VM for analysis and supported Structured Threat Information eXpression (STIX); an emerging XML standard for threat information at that time.[18]
vSentry 3.0 became available in Dec 2015[19] and included support for behavioral analysis of executable code.
References
- ^ a b Rao, Leena (June 22, 2011). "Virtualization And Cloud Security Startup Bromium Raises $9.2M From Andreessen Horowitz And Others". TechCrunch.
- ^ a b Williams, Alex (October 23, 2013). "Bromium Raises $40M For Security Technology That Traps Malware And Limits Attacks". TechCrunch.
- ^ Ha, Anthony (June 20, 2012). "Bromium Raises $26.5M For Security Through Micro-Virtualization". TechCrunch.
- ^ Staff, virtualizationpractice.info (2012-09-19). "Release: Bromium vSentry". virtualizationpractice.info. Retrieved 2017-04-25.
- ^ CNBC (2013-05-15). "2013 Disruptor 50: Bromium". CNBC. Retrieved 2017-04-25.
- ^ Dark Reading, Kelly Jackson Higgins, “Researchers Bypass Protections In Microsoft's EMET Security Tool.” February 23, 2014. Retrieved February 28, 2014
- ^ "HP partners with Bromium, releases HP SureClick to secure IE and Chromium". BrianMadden. Retrieved 2017-04-25.
- ^ "EliteBook x360 Archives - Bromium". Bromium. Retrieved 2017-04-25.
- ^ a b Metz, Cade (June 20, 2012). "Simon Crosby 'Inverts Your Brain' With Tiny Virtual Machine". Wired.
- ^ Chao, Jude (September 5, 2013). "Bromium Promises Unbreakable Protection for the Modern Enterprise". Enterprise Networking Planet.
- ^ a b Harris, Derrick (June 20, 2012). "How Bromium lets bad guys in and still keeps data safe". GigaOM. Retrieved February 28, 2014.
- ^ Prickett Morgan, Timothy (June 20, 2012). "Bromium twists chip virty circuits to secure PCs and servers". The Register.
- ^ Madden, Brian (September 20, 2012). "What Bromium is and How it Works". BrianMadden.com.
- ^ Boulton, Clint (July 25, 2012). "Startups Develop Next-Generation Cyber Defenses". The Wall Street Journal.
- ^ Flood, Gary (March 13, 2013). "Bromium Founders Detail Life After Xen". InformationWeek.
- ^ Knuth, Gabe (September 20, 2012). "Coolest news of the week: Bromium releases vSentry, adds LAVA - a realtime threat analysis feature". BrianMadden.com. Retrieved March 17, 2014.
- ^ Knuth, Gabe (June 12, 2013). "Bromium vSentry 2.0 focuses on collaboration and mobility". SearchVirtualDesktop.com. Retrieved March 17, 2014.
- ^ Ricknas, Mikael (June 11, 2013). "Bromium aims to protect users on the move with upgraded virtualization software". IDG News Service. Retrieved February 28, 2014.
- ^ "Bromium vSentry and LAVA 3.0 Deliver Complete Threat Protection". Retrieved 2017-04-25.