Presented by: Simon Crosby, CTO & Co-Founder, Bromium Inc.
Mobility, the consumerization of devices and networks, adoption of cloud based services, and ready access to the web lead inexorably toward a stark reality: IT is out of control. As a result, sophisticated attackers penetrate enterprise infrastructure with alarming ease. Security budgets are growing, but protection seems elusive, and locking down users makes them less productive and frustrated, leading to “shadow IT”.
Something is profoundly wrong. Even enterprises that use the most sophisticated security products cannot prevent compromises. Security vendors offer a seemingly endless succession of fancily named technologies that aspire to greater protection, but they gloss over a fatal flaw, namely the undeniable fact that the “detect to protect” paradigm has passed its sell-by date.
Luckily there is a silver lining to this cloud: Thanks to the relentless progress of Moore’s Law, every PC/Mac and mobile device already has CPU features that can enable it to protect itself by design, on untrusted networks and in the hands of unreliable users.
Micro-virtualization – an evolution of CPU-based hardware virtualization - is a new approach that uses hardware to enforce protection, without relying on detection. Each browser tab, document, attachment or file from detachable storage is automatically hardware isolated on the CPU, with no change to the user workflow. The PC automatically defeats each attack, staying gold. It automatically self-remediates by discarding the contents of each hardware-isolated task, and can safely run unpatched 3rd party applications – such as legacy Java.
In addition, the hardware-backed protection of micro-virtualization permits the device to automatically track the execution of malware, eliminating false alarms and delivering false-alarm free, real-time forensic insights – the needle instead of the haystack.
This talk will present a brief tour through the use of virtualization technologies to simplify management and delivery of secure end-user computing. It will cover in depth the concept of micro-virtualization, highlighting key differences from traditional VM based approaches. It will use live demos of attacks to show how introspection transforms forensics and eliminates remediation.