Bromium Looks to Redefine IT Security

Michael Vizard

There’s something fundamentally wrong with the way organizations think about IT security. Instead of figuring out a way to make sure malware never gets a chance to infect our systems, most of our efforts are focused on trying to prevent malware from getting onto the system in the first place.

But Bromium CTO Simon Crosby says consistently detecting and mitigating malware is mathematically impossible. Most widely used approaches to security are based on the assumption that malware can be discovered. Of course, if it is ever actually discovered, no one can really be sure how long it’s been there or determine exactly what it did.

Bromium is advocating the adoption of an entirely new approach to IT security, called vSentry, which is based on a micro hypervisor that allows end users to execute code on their machines in a way that never allows that code to infect any other part of their machine. According to Crosby, what makes this approach so compelling is that not only does it dramatically reduce the total cost of security, it has no impact on the user experience whatsoever.

It’s unlikely that IT organizations are going to reduce the reliance on antivirus software tomorrow. But it’s also clear that the cost of security continues to escalate, especially as cybercriminals and other “bad actors” get more sophisticated in terms of both the tools they use and the approaches to distributing code. Not only does vSentry isolate code on the end-user system, it also provides analytics tools that enable us to see exactly where malware running on top of vSentry came from.

Arguably, IT security vendors have become a little too comfortable creating products that alleviate the symptoms of an IT security breach rather than actually preventing the breach from occurring at all. Virtualization technology holds great promise in terms of helping cure what ails us from a security perspective. While there may never be such a thing as absolute security, right now it feels like no matter how much anybody spends, there still is either no security or only enough to only stop relatively simple attacks. That doesn’t mean we should throw away all our existing security technologies, but it does mean there is a crying need to fundamentally rethink the approach to the problem.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data