VMware acquires Determina

As silently as with Propero acquisition, VMware acquired security firm Determina.

The news was passed to Gartner the same day the company launched its IPO:

On 13 August 2007, VMware informed Gartner that it has acquired Determina, a vendor of a host-based intrusion prevention system (HIPS) technology. There has been no public announcement of the acquisition.

Determina brings two HIPS capabilities to VMware. First, the Determina Memory Firewall HIPS solution protects an operating system (OS) and applications against unauthorized memory and program control-flow manipulation – for example, heap and stack overflows, buffer overflows, and similar techniques used by hackers to inject malicious code into running processes.

Second, as a byproduct of its memory protection approach, the Determina technology can also be used to inject new (or modified) code on the fly. This ability to perform “hot patching” is the foundation of the Determina LiveShield solution – a shielding alternative built by reverse-engineering patches used to protect vulnerable systems without a reboot until a permanent patch can be applied.

We believe that these capabilities will be included at no cost in one or more future versions of VMware products, including the ESX hypervisor. The Determina technologies will be discontinued for stand-alone purchase, regardless of whether they would be used for VMware-based guest OSs…

Read the whole Gartner analysis at the source.

Determina solutions are interesting: read a 12-pages whitepaper about the technology approach here, and watch a 1-hour video about the kind of attacks the company can protect against here.

Like Determina, other security firms adapted their technologies to new virtualization scenarios, but all of them are simply deploying existing products inside a virtual machine instead of a physical server. With Determina acquisition, VMware will probably introduce the first real security solution to protect virtual machines at the host level.

VMware is working also on another security solutions called Update Manager, which is able to simplify and in some cases automate the patching of guest operating systems. Update Manager will be part of upcoming ESX Server 3.1 as virtualization.info revealed last week.

Thanks to SearchSecurity for the news.