"Endpoint threat isolation should be a core component of security prevention programs because of the challenge companies face due to increased threat volume," said Roland Cloutier, Chief Security Officer, ADP. "With hardware-enforced isolation and micro-virtualization technology in Bromium's solution, we have an ability to gain increased visibility into threats and act on those attempts in real-time to mitigate their disruption to our business and clients."
BEC enables security teams to efficiently deploy and effectively manage the entire Bromium configuration process, quickly responding to threats while reducing or eliminating helpdesk calls. Recently, a Fortune 50 corporation deployed Bromium across tens of thousands of endpoints in less than 90 days.
Key features and benefits of BEC include:
Streamlined and Scalable Global Deployment - Accelerate deployments at scale with a fully autonomous installation and update engine that does not impinge on existing desktop management systems or personnel.
Simplified and Granular Policy Management - Configure dynamic policy requirements with an advanced engine and granular controls. Fully integrated directory services can assign, deliver and update security policies relevant to individual or group roles.
Centralized Visibility and Actionable Security Intelligence - Monitor, analyze and report on dangerous security events, attack kill chains and risk profiles in real time from a centralized dashboard.
Integration with Threat Intelligence Systems - Publish threat intelligence in real time to SIEM systems and network security tools to provide defense-in-depth. Share threat data in a structured format, such as STIX, with other agencies and organizations to enable cooperation in the fight against cybercrime.
BEC automates deployment and configuration of Bromium vSentry and LAVA, enabling the largest enterprises in the world to immediately realize the benefits of proactive protection from advanced threats and unparalleled visibility into security events. Bromium's patented micro-virtualization technology enables the CPU-based isolation and real-time introspection of unknown Internet tasks as they run on the enterprise's endpoints.
Automatically Defeat Advanced Attacks - Bromium vSentry leverages micro-virtualization to automatically isolate and defeat attacks -- without the need for signatures or whitelists.
Identify and Analyze Malware Execution - Bromium LAVA leverages micro-virtualization to identify and analyze malware execution in each isolated task, including memory changes, files, registry and full packet capture. LAVA analysis is streamed to the Security Operations Center in real time, before automatically remediating the endpoint.
Isolating unknown tasks (and malware) into hardware-isolated micro-virtual machines greatly reduces the attack surface of the endpoint. This technique is now considered an industry best practice.
In Best Practices for Detecting and Mitigating Advanced Persistent Threats, published May 4, 2015, Gartner analysts Lawrence Pingree, Neil MacDonald and Peter Firstbrook wrote, "For 'lean-forward' organizations, consider deploying application containment to isolate risky applications, such as browsers and PDF viewers, from the core endpoint system resources where these applications are the primary avenue of attack."