Bromium

Bromium, Inc., was a venture capital–backed startup based in Cupertino, California that worked with virtualization technology. Bromium focused on virtual hardware claiming to reduce or eliminate endpoint computer threats like viruses, malware, and adware. HP Inc. acquired the company in September 2019.


History

Bromium, Inc., was founded in 2010 by Gaurav Banga, who was later joined by former Citrix and XenSource executives Simon Crosby and Ian Pratt. By 2013, the company had raised a total of $75.7 million in three rounds of venture funding. The rounds raised $9.2 million, $26.5 million, and $40 million respectively with venture firms such as Andreessen Horowitz, Ignition Partners, Lightspeed Venture Partners, Highland Capital Partners, Intel Capital, and Meritech Capital Partners. Bromium shipped its first product, 1.0, in September 2012. Notable early clients included the New York Stock Exchange and ADP. In February 2014, the company published information about bypassing several key defenses in Microsoft's Enhanced Mitigation Experience Toolkit (EMET) by taking advantage of the inherent weakness of its reliance on known vectors of return-oriented programming (ROP) attack methods. In February 2017, HP and Bromium announced a partnership to build and ship a laptop with micro-virtualization technology built in, starting with the HP EliteBook x360. In September 2019, HP announced it had acquired Bromium for an undisclosed sum.


Technology

Bromium's technology is called micro-virtualization, which is designed to protect computers from malicious code execution initiated by the end user, including rogue web links, email attachments and downloaded files. Its virtualization technology relies on hardware isolation for protection. It is implemented by a late-load hypervisor called a Microvisor, which is based on the open-source Xen hypervisor. The Microvisor is similar in concept to a traditional hypervisor installed on a server or desktop computer's operating system. Traditional virtual machines are full versions of an operating system, but the Microvisor uses the hardware virtualization features present in modern desktop processors to create specialized virtual machines, called micro-VMs, that are tailored to support specific tasks. When a new application is opened, a link is clicked on, or an email attachment is downloaded, the Microvisor creates a micro-VM tailored to that specific task, allowing access to only those resources required to execute. By placing all vulnerable tasks inside micro-VMs that are tied to the hardware, there is no way for malware to escape through a sandbox layer and attack the host environment (i.e. the operating system in which micro-VMs are executed). Each process gets its own micro-VM, and that virtual machine is disposed of when the process stops, destroying any malware with it. The Microvisor enforces the principle of least privilege by isolating all applications and operating system functions within a micro-VM from interacting with any other micro-VM, the protected desktop system, or the network the protected desktop is embedded in. The architecture specifically relies on x86 virtualization to guarantee that task-specific mandatory access control (MAC) policies will be executed whenever a micro-VM attempts to access key Windows services. Since micro-VMs are hardware-isolated from each other and from the protected operating system, trusted and untrusted tasks can coexist on a single system with mutual isolation. The Microvisor's attack surface is extremely narrow, making exploits prohibitively expensive to execute. A report from NSS Labs detailed penetration testing of the Bromium architecture, which achieved a perfect score in defeating all malware and expert human attempts at penetration.


Products

1.0 was available for Windows 7. requires an Intel processor with VT-x and EPT. 2.0 became available in June 2013 and added a feature that protects users when exchanging documents. Bromium Live Attack Visualization and Analysis (LAVA) was released in 2014 and provided the ability to collect attack data detected within a micro-VM for analysis and supported Structured Threat Information eXpression (STIX), an emerging XML standard for threat information at that time. 3.0 became available in December 2015 and included support for behavioral analysis of executable code. The product is now called HP SureClick.


See also

* Qubes OS


External links

* Official website: https://www8.hp.com/us/en/solutions/sure-click-enterprise.html