“The introduction of Bromium Advanced Endpoint Security marks a strategic step forward for our company and sets the bar for next-generation endpoint protection,” said Ian Pratt, co-founder and CEO, Bromium. “Bromium endpoint security is already trusted by the world’s largest enterprises and governments as the only way to defeat targeted, zero-day attacks that routinely bypass every other security product. Now Bromium is able to uniquely secure enterprises across the entire threat life cycle, extending our unparalleled protection and threat analysis with powerful capabilities to quickly detect and respond to attacks.”
In the report, Designing an Adaptive Security Architecture for Protection From Advanced Attacks[1], Gartner analysts Neil MacDonald and Peter Firstbrook wrote, “Enterprises are overly dependent on blocking and prevention mechanisms that are decreasingly effective against advanced attacks. Comprehensive protection requires an adaptive protection process integrating predictive, preventive, detective and response capabilities.” Bromium Advanced Endpoint Security includes several modules to deliver the industry’s only complete endpoint protection for an enterprise. Bromium Endpoint Protection leverages micro-virtualization to hardware isolate websites, email, documents, USB and executables to prevent endpoint compromise. Bromium Endpoint Monitoring introduces continuous host monitoring to monitor trusted content for the potentially risky and known bad. Bromium Threat Analysis delivers real-time attack forensics to enable an automated response to security events, improving enterprise-wide security.
The features and benefits of Bromium Advanced Endpoint Security include:
- Proactive Endpoint Protection – Bromium Endpoint Protection utilizes micro-virtualization to hardware isolate untrusted execution of websites, email, files, documents, file sharing, USB and executables, delivering unparalleled endpoint protection from zero-day attacks and advanced persistent threats, even on unpatched machines and untrusted networks.
- Sophisticated Detection to Eliminate Security Gaps – Bromium Endpoint Monitoring introduces continuous host monitoring to provide real-time alerts with comprehensive threat intelligence by monitoring all execution for deviations from “known good” as well as a “known-bad” blacklist of every newly identified attack.
- Real-time Analysis and Introspection – Bromium Threat Analysis leverages real-time events from all enterprise endpoints, correlating global threat intelligence from a Bromium-operated threat cloud to deliver forensic detail for each attack without false positives. Bromium Threat Analysis delivers a continuous feed of “known-bad” and Bromium-detected IOCs to all endpoints, enhancing its ability to detect malicious activity. Bromium-protected endpoints collaborate to help protect the entire enterprise.
- Avoid Time-consuming and Costly Remediation – Micro-virtualization eliminates persistence because each micro-VM is discarded when the task is completed. Hardware isolation separates an attacked system from the enterprise network, preventing malware from pivoting onto other machines. Bromium protected endpoints are secure even when using unpatched or unsupported third-party software.
- Optimisation for Windows 10 –Bromium Advanced Endpoint Security extends the in-box virtualization-based security of Windows 10 to deliver the world’s most secure endpoint. Customers should integrate Bromium Advanced Endpoint Security as they roll out Windows 10 to gain enterprise-wide visibility to rapidly detect any breach. In addition, the solution seamlessly extends Windows 10 Device Guard to isolate, defeat and automatically remediate attacks from the Web, untrusted files, executables and thumb drives.
