Why are persistent threats so hard to find?
Some attacks still overpower virtualization security despite major efforts from security providers. This is because attack tools have advanced from user-mode (ring-three) to kernel mode (ring-zero) – rootkits.
The issue is that no software running within the endpoint has a higher level of permission than ring-zero.
The issue is that no software running within the endpoint has a higher level of permission than ring-zero.
Bare-Metal Hypervisor The Ideal Tool For Data IntegrityTo discover user-mode zero-days, as well as stealth malware operating at kernel level, you need a way to view a VM from the outside, while also monitoring its inside processes. This is where the bare-metal hypervisor comes in.
A tool never before used by security vendors, the bare-metal hypervisor provides unalterable, low-level information about the memory used by each virtual machine, while staying isolated from them. |
Redefining Security With Citrix
Hypervisor-based introspection has existed in theories, but was deemed impossible to achieve. Seeing the massive potential for security, Bitdefender and Citrix combined expertise in virtualization and security in an unprecedented collaboration to achieve it.
Bitdefender Hypervisor Introspection (HVI) is the first solution that can offer real-time memory scanning and monitoring for guest virtual machines from a level attackers can’t get to and can’t hide from.
Bitdefender Hypervisor Introspection (HVI) is the first solution that can offer real-time memory scanning and monitoring for guest virtual machines from a level attackers can’t get to and can’t hide from.
HVI constantly monitors low-level memory pages, detecting anomalies even if everything looks normal within the OS. The attack execution is blocked in real time.
If desired, HVI also automatically injects a remediation tool in the Virtual Machine. Your existing solution will take care of any other remaining traces. Real-Time Attack Detection
|
A New Security Architecture
Unparalleled Visibility Into Zero-Days
HVI brings a new approach to zero-day detection by detecting, at memory level, attack techniques used by rootkits, zero-day user-mode exploits, kernel exploits and more. It even prevents attacks that use valid certificates.
Already proven against APTs
HVI has already been tested against some of the best known APTs of recent years, including Carbanak, Turla, APT28, NetTraveler and Wild Neutron.
Minimum Impact on Performance
Bitdefender Hypervisor Introspection runs memory introspection with minimal performance impact. After a lot of effort invested into optimizing the solution, HVI now monitors your VMs raw memory activity without impacting the user’s activity on the machine.
Agentless. Plugs in on top of your security solution
The solution does not require an agent to run in each VM – it detects and secures infrastructures directly at the hypervisor-level, through a security virtual appliance. HVI complements your existing security tools, unlike other solutions that require you to remove and replace existing endpoint protection.
HVI brings a new approach to zero-day detection by detecting, at memory level, attack techniques used by rootkits, zero-day user-mode exploits, kernel exploits and more. It even prevents attacks that use valid certificates.
Already proven against APTs
HVI has already been tested against some of the best known APTs of recent years, including Carbanak, Turla, APT28, NetTraveler and Wild Neutron.
Minimum Impact on Performance
Bitdefender Hypervisor Introspection runs memory introspection with minimal performance impact. After a lot of effort invested into optimizing the solution, HVI now monitors your VMs raw memory activity without impacting the user’s activity on the machine.
Agentless. Plugs in on top of your security solution
The solution does not require an agent to run in each VM – it detects and secures infrastructures directly at the hypervisor-level, through a security virtual appliance. HVI complements your existing security tools, unlike other solutions that require you to remove and replace existing endpoint protection.
Buy from us, get support from our Certified Bitdefender Technical Specialist.