Microsoft recently announced at the annual Microsoft Ignite conference that the company will implement further security enhancements to the Windows 10 OS with Bromium’s Virtualization-Based Security (VBS) and micro-virtualization (or micro-VM) for increased endpoint security. Microsoft and Bromium
With the latest update, Bromium extends VBS and micro-VM to Windows 10 Enterprise and Windows Insiders to protect endpoints from attacks that target vulnerable applications, and automates the complex and expensive “detect-protect-respond” cycle. In the Windows 10 update codenamed “Redstone 2” scheduled for shipping in 2017, Microsoft will extend the benefits of VBS hardware virtualization to the application layer isolating the Microsoft Edge browser. This feature, dubbed Windows Defender Application Guard (WDAG), aims to protect the endpoint from an attack that takes advantage of a vulnerability in Edge to launch an attack on the endpoint and then the enterprise to prevent malicious code from moving across employee devices and the corporate network.
Bromium uses a lightweight, CPU-enforced micro-VM to isolate untrusted execution of website activity and separating them from the enterprise network. Their solution protects against malicious code triggered into execution by user actions such as clicking on links, opening email attachments, and interacting with files. This allows protection against zero-day malware and advanced persistent threats, even on unpatched machines and untrusted networks on the endpoint. Continuous host monitoring is used to provide real-time alerts with comprehensive threat intelligence by monitoring all executions against ‘known good’ and ‘known-bad’ lists. It combines this with with threat intelligence monitoring from the cloud to eliminate false positives.
This update is the latest extension of both companies’ partnerships. Microsoft and Bromium began their collaboration in 2015 where Microsoft utilized Bromium’s micro-VM technology to massively improve Windows endpoint security. The partnership has proven valuable for both companies as more software vendors and increasing attention for enhanced security capabilities to their products.