Above All Else…
I’m seeing a growing trend of compliance/policy enforcement tools avowed as security solutions, attempting to capitalize on the waning abilities of existing protection technologies to secure...
A-Tisket, A-Tasket
At Bromium, we think of everything, or rather we think of each thing you’re doing – as a task. In an earlier blog, our CTO, Simon Crosby, stated that we define a task as “the most granular unit of...
Are you the victim of a targeted attack?
You are constantly inundated with warnings about targeted attacks and Advanced Persistent Threats (APTs). But how can you determine if your organization is actually being targeted or is just...
The Ghosts of Malware Past
The year was 1987. Bon Jovi’s Livin’ on a Prayer was blasting through every cassette player. Fred Cohen, the man who arguably coined the phrase “computer virus” in his paper, Computer Viruses: Theory...
ISSA Journal: Heap Sprays to Sandbox Escapes
I’m pleased to post my article that got published in the January 2013 release of the International ISSA journal. The title of the article is “Heap Sprays to Sandbox Escapes: A Brief History of Browser...
The Friction Affliction
Reformed burglars will tell you that leaving the TV on at night is a better theft deterrent than the best alarm system. Most of us don’t think of our television as a security device, let alone a better...
So NBC.com got hacked. So what?
Earlier today, Brian Krebs tweeted about the NBC.com hack – at which point both Simon Crosby and I naturally headed to NBC.com to see what was what. Upon visiting the site we received a LAVA alert that...
BlackHat EU’13: Are You Playing Sandbox Roulette?
This week my colleague Rafal and I had fun presenting our latest research on sandboxing, @BlackHat EU, in Amsterdam. We showed how to bypass popular application sandboxes on Windows viz: Sandboxie,...
Always In or Always Out: Another BYODisappointment
Most CIOs that I meet have some sort of plan for BYOD. After all, the C-level execs want to use their MacBooks at home and at work! The idea is so popular that even the Federal Government is trying...
Micro-virtualization for the Security Architect
Micro-virtualization is a powerful construct that allows us to defend an endpoint “by design” – by hardware-isolating individual untrustworthy OS tasks using Intel® VT. (If you are unfamiliar with our...
vSentry and the Art of VDI Security
Much has been written about whether VDI itself is inherently “secure”. This blog will not attempt to answer that question. Instead I want to focus on how we, at Bromium, view VDI security, and how we...
Hey, We’re a “Cool Vendor”! Wait, What Does That Really Mean?
Every year, Gartner designates a select number of companies as “Cool Vendors” in their respective market categories. This year, I’m proud to say that Bromium has joined this elite group and been named...
The Problem
We’re in the second half of the year, which means a long array of tradeshows is now behind us. On the heels of the most recent events I’ve attended, Gartner Security and Risk Management...
On Survivorship Bias and Bulletproof Umbrellas
According to Gartner’s recent report: “Strategies for Dealing With Advanced Targeted Attacks”, we’re in the eye of a five years’ storm; a pwnado (or would you prefer malwarricane? vulncano?). However,...
Relax! Java is OK – and Easy to Secure
It’s become cool, particularly among those that sport Macs, to scoff at Java and pretend that it’s an anachronism that the world doesn’t need. Perhaps it’s a re-enactment by the Apple faithful of...
The Final Sandbox #fail?
At Black Hat USA 2013 the Bromium Labs team will demonstrate a second fundamental design flaw present in all Windows sandboxes (sometimes called “software virtual containers”). The flaw allows malware...
Introducing LAVA
When I say LAVA I mean the Live Attack Visualization & Analysis automated framework Gaurav and Simon mentioned in their recent vSentry announcement blogs. The intent of this blog is to introduce,...