Bromium aims to protect users on the move with upgraded virtualization software

The company can now also capture hacker activities and play them back later

Bromium's small virtual machines have been updated to protect users who send documents or connect to public wireless hotspots when on the move.

The core of Bromium's vSentry software uses Intel CPU hardware features to isolate untrustworthy tasks on Windows in a micro-VM on the fly, and guarantees that any malware the users come across will be defeated and discarded without the user noticing, according to the company.

"Our goal is that the user should have absolutely no idea that we are there," said Simon Crosby, co-founder and CTO at Bromium.

With vSentry 2.0, which became generally available on Tuesday, Bromium protects users that access enterprise applications via wireless hotspots or other untrusted networks. Whether the apps are hosted or run in the enterprise's own data center, the technology provides end-to-end security, according to Crosby.

The portal used to log in to the untrusted network runs separately in a micro-VM.

"When the bad guy shows up in that context he doesn't see anything beyond the login site. I want to be very clear about this: the bad guy will not see any keystrokes, mouse clicks or any other application on the desktop. So there is no way he can steal anything," Crosby said.

The upgrade also offers protection when users are exchanging documents. Up to now, products have forced users to make a decision on whether, for example, a Word document is secure or not. But with vSentry 2.0 that is no longer the case.

"We give the user a completely native experience for Word or whatever the tool is, but it always runs in a micro-VM," Crosby said.

An important part of Bromium's offering is the ability to collect attack data for analysis using the Live Attack Visualization and Analysis (LAVA) engine -- giving security staff in-depth information about attacks in real-time.

"In version 1, we essentially gave you a trace of the malware's activity, but now we actually capture the malware and keep it for forensic evidence. Allowing the attack to be replayed in order to learn more about it," Crosby said.

Bromium has also added support for Structured Threat Information eXpression (STIX) to LAVA, which is an emerging XML standard for threat information.

For any upstart -- especially one that like Bromium does things differently -- customer references are important to show that its software or hardware can be trusted.

"The language in the security market is totally bankrupt, because all the vendors claim they are secure and they all lie and customers know that. So you can go out there and say whatever you want until you are blue in the face and nobody will believe you," Crosby said.

When claims are backed up by high-caliber references, however, they start to resonate. It's a critical step for Bromium, then, to able to say that NYSE Euronext uses vSentry, according to Crosby.

Bromium is working on adding support for a number of other operating systems in addition to Windows 7, including Windows 8 and Mac OS X.

"Windows 8 is actively being demoed to customers. The bit that hasn't landed yet is all the Metro support. Android is also being demoed and Mac is going into beta," Crosby said.

The list price for vSentry 2.0 is $150 per seat, with volume discounts available.

Send news tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags securitymobile securityDesktop securityBromiumdata protection

More about EuronextIntelNYSE

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Mikael Ricknäs

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place