Bromium Endpoint Protection
The Evolution to a Secure Platform
Uses virtualization-based security and isolation technology to dramatically decrease attack surfaces, monitor suspicious activity, and contain threats online or offline inside of micro virtual machines in an easy to deploy and quick time-to-value platform.
Each Bromium protected endpoint and server is part of a sensor network that performs threat analysis and instantly shares indicators of compromise with the rest of the network for faster time to resolution. Security Operations Center teams can access detailed forensics with full kill-chain analysis and visualization garnered from each micro-VM, for
enterprise-wide visibility and control.
The Bromium Secure Platform is an advanced security solution that delivers enterprise protection and visibility with minimal user impact and low resource overhead, isolating host-based threats.
Bromium’s unique, patented hardware-enforced isolation technology leverages native virtualization-based security functions in Intel and AMD CPUs to protect against external threats for protected applications like Office documents and PDFs.
Monitoring of the user execution space detects and responds to malicious activity on the host for persistent or insider threats on endpoints and servers, delivering full visibility to SOC analysts.
Protection and Visibility Use Cases:
- Phishing emails for malware
- Drive-by download
- Watering hole attacks
- Macro-enabled Trojans
- File-less malware (e.g. PowerShell)
- Persistent malware
- Insider threats
- Kill-chain analysis
- Malware forensics
- Incident response
- IOC and IOA analysis
- Automated quarantine and blacklisting