Stealth attacks still overpower virtualization security despite major efforts from the security industry. In 2016, it took enterprises an average of 5 months to discover they had been breached, and researchers often found zero-days and sophisticated kernel-level malware at the root of the breaches.
By joining their considerable expertise in IT security and data center virtualization, Bitdefender and Citrix have developed an entirely new security layer which malware cannot compromise or evade – through raw memory introspection directly at the hypervisor level.
Bitdefender Hypervisor Introspection (HVI) is the first security solution able to uncover memory violations that endpoint security tools sometimes miss. It does so by directly analyzing raw memory lines, thereby ensuring they are not being altered by malware.
Apart from containing the attack in real time, Bitdefender HVI can also help remove the threat by automatically injecting a temporary remediation tool into the affected virtual machine.
Positioned completely outside the operating system, with hardware-enforced isolation, and with no agent or drivers installed on the endpoints, Bitdefender Hypervisor Introspection cannot be taken down or compromised by rootkits or other kernel-level threats.
Bitdefender HVI sends out alerts the instant a memory violation is detected and provides detailed reporting of the attack chain, including affected processes, type of violation, and timeline of the attack.
By focusing on techniques, rather than the payloads, Bitdefender HVI is able to stay ahead of attacks and protect you against notorious attack gateways such as browser zero-days or spear-phishing emails with exploited files attached that are not visible from within the guest OS.
Instead of inserting an agent into each VM, Bitdefender HVI detects and secures infrastructures directly at the hypervisor level, through a security virtual appliance. This is why, unlike other vendors that require you to remove your endpoint protection and replace it with theirs, Bitdefender HVI is complementary to and compatible with any existing security tools.
Bitdefender HVI’s centralized approach to security makes its deployment a matter of minutes and its management straightforward, through Bitdefender’s GravityZone Control Center.
After much invested effort, Bitdefender HVI now monitors your infrastructure without impacting consolidation ratios or slowing down user activity on the VM.