Data Sheet

Bromium Advanced Endpoint Security Protect | Detect | Respond

At a Glance Today’s enterprises are fighting a losing battle against advanced, Bromium Advanced Endpoint Security targeted and often undetectable cyber attacks. In spite of the uses micro-virtualization and contextual, increased spend on more and more layered security solutions, real-time detection to protect across all major threat vectors and attack types. organizations are not making headway against attackers. Enterprises Enterprises can finally defeat cyber attacks and eliminate endpoint breaches. are getting breached, users’ productivity is hampered by side effects of security solutions, and IT is stuck on a treadmill of never-ending Key Business Benefits patching and remediation.

PROTECT AGAINST ZERO-DAY ATTACKS Revolutionary micro-virtualization technology prevents known and Bromium® Advanced Endpoint Security next-generation endpoint protection unknown cyber attacks from offers a better way to defeat cyber that integrates endpoint threat isolation, compromising endpoints and your attacks that target the endpoint, where threat analytics and continuous host corporate network more than 70% of breaches originate. monitoring to enable organizations TRUE PREVENTION WITHOUT The first to deliver an endpoint security to protect, detect and respond to USER DISRUPTION Users can safely click on anything from solution based on virtualization, targeted attacks, zero-day threats and home, branch offices, airports and cafes— Bromium offers comprehensive attempted breaches in real time. without the need for restrictive policies

DETECT ATTEMPTED BREACHES Behavioral detection techniques alert and monitor suspicious activity on the host system

ELIMINATE REMEDIATION AND EMERGENCY PATCHING COSTS Bromium-protected endpoints are self-remediating because any possibility of malware persistence is eliminated. Pivoting from the attacked system to the enterprise network is not possible Protect Detect Respond Complete protection Real-time detection Instant attack against both known and and monitoring of visualization and unknown threats threat activity threat intelligence Data Sheet

Bromium Advanced Endpoint Security Modules

Only from Bromium Endpoint Protection • Works in conjunction with Endpoint

POWERED BY XEN Complete protection against both Protection to monitor activity outside Bromium is powered by the Xen known and unknown threats the micro-VMs hypervisor, the same technology that drives global computing • Leverages micro-virtualization to • Features customizable threat modeling to flag malicious behavior BROMIUM MICROVISOR hardware isolate websites, email, This purpose-built, security-focused documents, USB and executables to appropriate for the organization hypervisor is based on Xen and leverages prevent endpoint compromises advanced hardware capabilities to Threat Analysis deliver unprecedented granularity, • Protects mobile users against attacks, Instant attack visualization and threat security and performance even when off the corporate network intelligence CPU-ENFORCED ISOLATION Bromium harnesses hardware • Blocks attacker access to Intranet • Delivers real-time attack forensics for virtualization features built into today’s and high-value SaaS sites malware that executes in a micro-VM PCs and laptops to enforce the isolation of untrusted tasks and implement the • Eliminates malware persistence or on the host OS principle of least privilege between the through automated remediation protected system and unknown code • Assembles and correlates across endpoints indicators of attack (IOAs) Endpoint Monitoring from host monitoring and indicators Real-time detection and monitoring of compromise (IOCs) from micro- of threat activity virtual machines • Enables users to trust content “Enterprises are overly dependent • Provides search capabilities to quickly without impacting the detection of on blocking and prevention identify IOAs and IOCs on endpoints mechanisms that are decreasingly malicious activity effective against advanced attacks. • Presents graphical view of entire Comprehensive protection requires • Applies behavioral rules to track attack for visualization and analysis an adaptive protection process anomalous activity integrating predictive, preventive, detective and response capabilities.”

NEIL MACDONALD AND PETER FIRSTBROOK GARTNER, 2014

2 BROMIUM ADVANCED ENDPOINT SECURITY

Endpoint Controller One-click deployment, policy • Accelerates deployments at scale “Bromium is the most significant advancement in security in decades.” orchestration and threat management with fully autonomous installation and update engine BOB BIGMAN • Allows IT to monitor, analyze and FORMER CISO, CIA

report on dangerous security events, • Publishes threat intelligence in “Bromium’s endpoint threat isolation attack kill chains and risk profiles in real time to SIEM systems and revolutionizes security.” real time from a centralized dashboard network security tools to provide ROLAND CLOUTIER in-depth defense CSO, ADP • Provides full, granular policy control over all endpoint isolation and monitoring capabilities

How it Works

Protect Detect Respond

Bromium protects endpoints Bromium uses micro-VM Malware is automatically remediated by isolating attack vectors for introspection to monitor execution when the task is closed all untrusted content of each untrusted task, collecting • Bromium assembles and correlates packets, files and memory changes • Users have seamless experience across endpoints IOAs from host when Web browsing, opening email • Bromium monitors the host OS for monitoring and IOCs from micro- attachments, opening files, etc. any signs of malicious execution for virtual machines a wide range of threatening content • Malware is hardware-isolated by • Admins have quick search the CPU and cannot persist, pivot • Any files that the user trusts are capabilities to quickly identify onto the enterprise network or tracked in detail (trust but verify) IOAs and IOCs on endpoints, access high-value data or sites even if offline

3 Data Sheet BROMIUM ADVANCED ENDPOINT SECURITY

System Requirements The Bromium Advantage

PROTECTED ENDPOINTS

NETWORK Operating System MICRO- BEHAVIORAL APPLICATION WHITE BEHAVIORAL ANTI MALWARE VIRTUALIZATION BLOCKING SANDBOX LISTING ANALYSIS VIRUS Microsoft Windows 7 (32-bit and 64-bit) ANALYSIS Microsoft Windows 8.1 (64-bit) Block known Microsoft Windows 10 threats Mac OSX Block unknown BROMIUM ENTERPRISE CONTROLLER threats Operating System Microsoft Windows Server 2008, 2012 Protect mobile users Data Base System MicrosoftSQL Server 2008, 2012 Protect against kernel attacks Hardware Intel or AMD standard architecture Hardware-enforced protection

About Bromium Eliminates remediation Bromium has pioneered the next Unchanged user generation of endpoint protection experience that eliminates breaches. Just as virtualization transformed IT, Bromium No list maintenance is transforming security with its unique or tuning micro-virtualization technology. Bromium provides the world’s most Visual attack analytics advanced endpoint security, even against the most sophisticated zero-day Not reliant on malware. Unlike traditional security detection technologies, such as antivirus or virtual containers, which rely on ineffective FULL SUPPORT PARTIAL SUPPORT NO SUPPORT detection techniques, Bromium’s solution automatically isolates each user-task in a lightweight, CPU-enforced micro-VM. This enables users to click on anything without risk of compromise, protecting the enterprise. Bromium’s technological innovations have earned the company numerous industry awards. Bromium counts a rapidly growing set of Fortune 500 companies and government agencies as customers. Visit us at www.bromium.com.

Bromium, Inc. Bromium UK Ltd. For more information go to www.bromium.com 20813 Stevens Creek Blvd Lockton House or contact [email protected] Cupertino, CA 95014 2nd Floor, Clarendon Road [email protected] Cambridge CB2 8FH Copyright ©2016 Bromium, Inc. All rights reserved. +1.408.213.5668 +44.1223.314914 DS.BAES.US-EN.1602 4