Bromium vSentryAdrian Taylor

Director, Mobile

Paid

3644-2276-1234-5678

Bromium Confidential

Zero-day

Adobe Reader $5,000-$30,000

Flash, Java $40,000-$100,000

Word $50,000-$100,000

Internet Explorer $80,000-$200,000

iOS $100,000-$250,000

Zero-day price list

Source: http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/

DEMO

Micro-virtualization:Hardware-isolation for untrusted tasks

Microvisor

HardwareVirtualization

(VT-x)

Lightweight, fast, hidden, with an unchanged native UX

Hardware-isolates each untrusted Windows task

Uses I/O Virtualization VT-d, TXT & TPM if available

Based on Xen with a tiny, secure code base

Fully integrated into thedesktop user experience

DEMO

Applications

OS Libs / Utils

Kernel

Hardware

Desktop

Untrusted Tasks

CPU

Mutually isolates untrustworthy tasks from the Desktop, & each other

http://www.facebook.com

Micro-VMs have “need to know” access to

files, networks, and the user’s desktop

Micro-VMs execute “Copy on Write”

Malware is automatically

discarded

LIVE ATTACK VISUALIZATION AND ANALYSIS : LAVA

3. Full attack execution

2. One task per micro-VM

1. Micro-VM Introspection

APIs for Live Attack Analysis

DEMO

Bromium Confidential

Desktop, Laptop, Tablet and Smartphone

2012 2013 Future

Thank you