Virtualization Technology News and Information
Bromium Enhances Award-winning Endpoint Protection with Bromium Enterprise Controller

Bromium, Inc., the pioneer of threat isolation to prevent data breaches, today announced the general availability of Bromium Enterprise Controller (BEC), a scalable security management platform that delivers one-click deployment, policy orchestration, monitoring and threat management for enterprise endpoint infrastructure. BEC complements Bromium vSentry and LAVA to enable the largest organizations in the world to efficiently transform their enterprise security infrastructure to defeat advanced cyber attacks and prevent data breaches - faster than ever.

"Endpoint threat isolation should be a core component of security prevention programs because of the challenge companies face due to increased threat volume," said Roland Cloutier, Chief Security Officer, ADP. "With hardware-enforced isolation and micro-virtualization technology in Bromium's solution, we have an ability to gain increased visibility into threats and act on those attempts in real-time to mitigate their disruption to our business and clients."

BEC enables security teams to efficiently deploy and effectively manage the entire Bromium configuration process, quickly responding to threats while reducing or eliminating helpdesk calls. Recently, a Fortune 50 corporation deployed Bromium across tens of thousands of endpoints in less than 90 days.

Key features and benefits of BEC include:

  • Streamlined and Scalable Global Deployment - Accelerate deployments at scale with a fully autonomous installation and update engine that does not impinge on existing desktop management systems or personnel.
  • Simplified and Granular Policy Management - Configure dynamic policy requirements with an advanced engine and granular controls. Fully integrated directory services can assign, deliver and update security policies relevant to individual or group roles.
  • Centralized Visibility and Actionable Security Intelligence - Monitor, analyze and report on dangerous security events, attack kill chains and risk profiles in real time from a centralized dashboard.
  • Integration with Threat Intelligence Systems - Publish threat intelligence in real time to SIEM systems and network security tools to provide defence-in-depth. Share threat data in a structured format, such as STIX, with other agencies and organisations to enable cooperation in the fight against cyber crime.

BEC automates deployment and configuration of Bromium vSentry and LAVA, enabling the largest enterprises in the world to immediately realize the benefits of proactive protection from advanced threats and unparalleled visibility into security events. Bromium's patented micro-virtualization technology enables the CPU-based isolation and real-time introspection of unknown Internet tasks as they run on the enterprise's endpoints.

  • Automatically Defeat Advanced Attacks - Bromium vSentry leverages micro-virtualization to automatically isolate and defeat attacks - without the need for signatures or whitelists.
  • Identify and Analyze Malware Execution - Bromium LAVA leverages micro-virtualization to identify and analyze malware execution in each isolated task, including memory changes, files, registry and full packet capture. LAVA analysis is streamed to the Security Operations Center in real time, before automatically remediating the endpoint.

Isolating unknown tasks (and malware) into hardware-isolated micro-virtual machines greatly reduces the attack surface of the endpoint. This technique is now considered an industry best practice.

In Best Practices for Detecting and Mitigating Advanced Persistent Threats, published May 4, 2015, Gartner analysts Lawrence Pingree, Neil MacDonald and Peter Firstbrook wrote "For "lean-forward" organizations, consider deploying application containment to isolate risky applications, such as browsers and PDF viewers, from the core endpoint system resources where these applications are the primary avenue of attack."

Published Wednesday, June 03, 2015 7:02 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<June 2015>