Bitdefender Dictates New Standard for Virtualized Infrastructure Security

May 2015

Bitdefender, the visionary security company, today unveiled its Hypervisor-based Memory Introspection technology. For virtualization vendors and datacenter administrators, the technology solves the ‘context versus isolation’ dilemma of security. Providing complete insight into virtualized endpoints with zero footprint within the endpoints is accomplished by inspection at the hypervisor level, a method deemed impossible, until now.

There are known privilege limitations in operating systems that traditional in-guest security solutions are unable to address due to architectural constraints. Traditionally, security companies have been able to build solutions only at the only same, ring-zero/root/administrator level of privilege as advanced persistent threats (APTs) – resulting in a game of equal privilege between attackers and defenders.

Bitdefender Hypervisor-based Memory Introspection uses a higher level of privilege by leveraging hypervisor privileges (ring-minus-one) to detect and defeat attacks and previously installed malware. Also avoiding the assumption of a clean-state of the protected infrastructure, remediation techniques take advantage of a unique method of injecting Bitdefender Clean-up Tools into a running virtual endpoint.

The result of Bitdefender's advanced research efforts, Hypervisor-based Memory Introspection further empowers datacenter owners in protecting data within virtualized endpoints. It protects Windows and Linux endpoints from a level in the stack that is below guest operating systems, overcoming privilege paradoxes between security and malicious activities.

The company is providing technology demonstrations on the exhibition floor at booth 403 during Citrix Synergy, in Orlando May 12-14.

  • Traditionally, an operating system kernel controls hardware access; when virtualized, they interact only with underlying hypervisors, which, in-turn, control hardware access
  • Traditionally, in-guest security leverages kernel features, as do the attacks and malware targeting those endpoints
  • Hypervisor-based Memory Introspection operates from the virtualized infrastructure, below virtualized endpoints
  • Zero-footprint in virtualized systems – security insight without exposure

"Fundamentally, when both security and attackers are operating with kernel-level permissions, it’s a stand-off. Virtualization revolutionized computing by adding a layer of abstraction below operating systems. Our technology brings security to that layer; and while intuitive, it is revolutionary because, until now, it was deemed extremely difficult to achieve," said Mihai Donƫu, Chief Linux Officer, Bitdefender.

Recently, Bitdefender was selected to give a practitioner talk about Hypervisor-based Introspection at the 2015 USENIX Annual Technical Conference (8-10 July, Santa Clara CA). The company also intends make the technology widely available to customers by late 2015.

The Hypervisor-based Memory Introspection announcement closely follows the recent announcement of Bitdefender having become a Silver member of the Linux Foundation, a nonprofit organization dedicated to accelerating the growth of Linux and collaboration. 

By joining the Linux Foundation, Bitdefender further accelerates its significant contribution to the Linux ecosystem, focusing on driving security in new directions. As a new Linux Foundation member, Bitdefender strengthens its participation in the broader community of open source development and collaboration behind Linux. 

"We are a major supporter of Linux and open source projects throughout the world, and joining the Linux Foundation demonstrates our commitment to the advancement of better security solutions to protect open source programs and projects,” said Rares Stefan, Vice President Global Alliances, Bitdefender. “We’ve worked with the community for some time to identify and resolve several potential vulnerabilities and our continued work in this area is growing in both scope and demand.”

Share This ON: