Resources

Securing the endpoint with Micro-Virtualization

Presented by Fraser Kyne, Bromium UK at Best Practice For End to End Software Security

With an attack surface of many tens of millions of lines of code, commodity operating systems such as Windows and OS X pose an easy target for hackers. Users may be duped into exposing their systems to such attacks through a variety of means such as a malicious web links, poisoned email attachments or rogue USB sticks, though increasingly attackers are using techniques such as malicious advertisements or "watering hole" attacks that compromise systems without the user even having to click on anything bad. Existing security products do a poor job of defending against such attacks and are easily evaded by zero-day or polymorphic malware. This talk introduces an new approach called micro-virtualization, in which a separate virtual machine OS instance is created for each individual task that a user performs. Hence each web site, each document, each spreadsheet etc opens in its own isolated micro-VM. Hardware virtualization capabilities of modern CPUs can be used to achieved robust isolation between micro-VMs with excellent performance and an unchanged user experience. Hence micro-virtualization provides a practical implementation of the principal of least privilege that operates below the client OS, implemented using a small, hardened code base that is orders of magnitude harder to attack.

Subscribe to the CW newsletter

Sign me up

This site uses cookies.

We use cookies to help us to improve our site and they enable us to deliver the best possible service and customer experience. By clicking accept or continuing to use this site you are agreeing to our cookies policy. Learn more

Start typing and press enter or the magnifying glass to search

Sign up to our newsletter
Stay in touch with CW

Choosing to join an existing organisation means that you'll need to be approved before your registration is complete. You'll be notified by email when your request has been accepted.

i
Your password must be at least 8 characters long and contain at least 1 uppercase character, 1 lowercase character and at least 1 number.

I would like to subscribe to

Select at least one option*

CW TEC 2024: Engineering AI for Critical Systems

CW TEC 2024 focuses on integrating AI in critical industries, highlighting this technology's potential and engineering challenges. Join us on 27 June at the Computer Laboratory, University of Cambridge

Book your place today

Cambridge Tech Week is back!

CTW returns for 2024 from 9 - 13 September in the heart of Cambridge.

Register your interest today

Cambridge Wireless connects the wireless community

Cambridge Wireless is a vibrant membership organisation for companies involved in the research, development and application of wireless and associated technologies.

Find out more about membership

CW Techsters is back for its third year

CW Techsters is a free programme that enables young people aged 16-22 to learn about the basics of technologies while challenging them to think about real-world issues

Find out more about CW Techsters

CW announces their participation in UK Telecoms Innovation Network

CW joins Digital Catapult,University of Bristol and West Midlands 5G to set up and oversee a new network dedicated to boosting creativity in the country’s telecoms supply chain

Find out more

CW Academy

Boost your business and marketing skills with our new training courses led by world-class product and technology specialists

find out more