Bromium vSentry Adrian Taylor Director, Mobile
Feb 24, 2016
Bromium vSentryAdrian Taylor
Director, Mobile
Paid3644-2276-1234-5678
Bromium Confidential
Zero-dayAdobe Reader $5,000-$30,000Flash, Java $40,000-$100,000Word $50,000-$100,000Internet Explorer $80,000-$200,000iOS $100,000-$250,000
Zero-day price list
Source: http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/
DEMO
Micro-virtualization:Hardware-isolation for untrusted tasks
MicrovisorHardware
Virtualization (VT-x)
Lightweight, fast, hidden, with an unchanged native UX
Hardware-isolates each untrusted Windows task
Uses I/O Virtualization VT-d, TXT & TPM if available
Based on Xen with a tiny, secure code base
Fully integrated into thedesktop user experience
DEMO
ApplicationsOS Libs / Utils
Kernel
Hardware
Desktop
Untrusted Tasks
CPU
Mutually isolates untrustworthy tasks from the Desktop, & each other
http://www.facebook.com
Micro-VMs have “need to know” access to
files, networks, and the user’s desktop
Micro-VMs execute “Copy on Write”
Malware is automatically
discarded
LIVE ATTACK VISUALIZATION AND ANALYSIS : LAVA
3. Full attack execution
2. One task per micro-VM
1. Micro-VM Introspection
APIs for Live Attack Analysis
DEMO
Bromium Confidential
Desktop, Laptop, Tablet and Smartphone
2012 2013 Future
Thank you