In June last year, Simon Crosby at that time CTO of Citrix and Ian Pratt VP of Advanced Virtualization products at Citrix announced that they were leaving Citrix to start a new company called Bromium. More than a year later, Bromium released the first version of their vSentry product. Now Bromium has released version 1.1. as announced in a blog post today.
vSentry is a security product which uses a so called Microvisor which is a security-focused hypervisor that automatically, instantly and invisibly hardware-isolates each vulnerable Windows task in a micro-VM that cannot modify Windows or gain access to enterprise data or network infrastructure. The Microvisor uses the VT-x functionality from a system allowing tasks running on systems to run only with the strict low privilege rights needed, giving threats no chance to infiltrate the system. The product runs on top Windows XP and the 32 and 64 bit versions of Windows 7. Support for Mac OSX is expected in early 2013. It now also supports web based protection on Virtual Desktop Infrastructure (VDI) scenarios running on top of Microsoft Remote Desktop Services (RDS) and Citrix XenDesktop or VMware View and Bromium expects to evolve this functionality to all untrustworthy content and services.
vSentry 1.1 also introduces the Live Attack Visualization and Analysis (LAVA) functionality which allows for discovery of zero-day attacks, identification of malware signatures and root kit detection and the Bromium Management Server(BMS) providing a centralized web service for vSentry policy management, collection of LAVA events and correlation of attack data. BMS also povides a centralized console for visualization and analysis of malware forensics. It can also be used to input data into other security analysis systems such as SIEMs, 3rd party consoles such as McAfee ePO or Symantec SEP, or big data platforms such as Splunk.