- Cloud Essentials
- Software as a Service
- Accounting / Financial
- Asset Management
- Business Intelligence
- Business Process Management
- Compliance & Risk Management
- Content Management
- Document Management
- Help Desk Management
- IT / Application Management
- Project Management
- Transportation & Logistics
- Infrastructure as a Service
- Platform as a Service
Bromium technology keeps code in solitary confinement for security
Bromium has revealed more details of its technology, claiming to shake up the face of security
The security industry has been dealing with malware the wrong way and a new approach is needed to improve enterprise security. That’s according to Ian Pratt, senior vice president of products at Bromium, the keenly-awaited security start-up founded by Pratt, his former college (and ex-Citrix CTO) Simon Crosby, and Gaurav Banga, former CTO of Phoenix.
Bromium has developed a technology called micro virtualisation that aims to envelop all executable code within a micro virtual machine, isolating it from the rest of the system.
Pratt explains the thinking behind the technology. “How a PC works today, a user browsing the web or clicking on an attachment in email is executing code – that is a potential cause for compromise. Anti-virus companies work by looking at the mail and working out whether it’s harmful or not – in other words, they rely on what’s been seen before,” said Pratt.
“The beauty of what we do,” he added, “is that we isolate all code so that decision doesn’t have to be made. All tasks are isolated inside their own micro VM so that could be compromised but the rest of the system isn’t. When the user closes the mail, then the VM is rejected. It’s like you’re starting with a new machine every time.”
The system has been tested since January and there’s been perceived lack of performance arising from the extra steps, nor has any malware penetrated any of the triallists’ systems. Bromium is not actually releasing product but is looking for further participants in a beta-trial. “We’re not in a position to announce a product just yet, “ said Pratt, “but it will definitely be this year.”
There as yet no further details on pricing or how it’s going to be sold, although Pratt said it would best fit a pay-per-device model/ “We won’t be supporting every operating system from the outset but it won’t be hard to guess where we’ll be concentrating – Windows, OS X and Android, “ said Pratt. There are no immediate plans to include mobile phones but that will come in time, he added.
A key strength of the technology is the size of the code base. The smaller the code, the less chance that it could be exploitable said Pratt.
“Bromium will change the malware industry,” claimed Pratt. “It’s a very different product from existing anti-virus products. It’s been hard to spot the bad guy – that’s why we’ve had the arms race.”
It will be game-changer for enterprises, predicted Pratt. “The more security conscious enterprises have been doing things like locking down machines, limiting access to web to prevent security breaches. But you have to give access, for example, HR is obliged to look at every CV sent to them – but have no means of assessing whether it’s malware.
The technology is being aimed at enterprise-owned assets at first, but as Pratt acknowledged, it could also be used to power companies implementing a bring-your-own device policy.