In leveraging the hypervisor, the technology needs no software within protected virtual machines, allowing complete insight without sacrificing isolation.
Hypervisor Introspection (HVI) can be downloaded and used for free. For production use, Bitdefender advises organizations to purchase Bitdefender Hypervisor Introspection Enterprise Support.
Target attack techniques rather than payloads to detect novel, zero-day exploit attempts.
Stay ahead of attacks that are invisible to the operating system, with detailed reporting of the attack chain.
A truly agentless solution with zero footprints inside your workloads preserves high VM density and application performance.
Achieve Insight and Isolation Simultaneously
In-guest security stacks are by nature not isolated from the workloads they protect. Network solutions lack insight into the context of virtual machines. By operating at the hypervisor level, Hypervisor Introspection has deep insight into the memory of running virtual machines while remaining isolated, at the hardware layer, from protected systems.
Protect User and Kernel Memory
By leveraging Virtual Machine Introspection APIs in the Xen and KVM hypervisors, Hypervisor Introspection has insight into the memory of running virtual machines. Bitdefender developed and open-sourced, the Hypervisor Introspection engine to apply security logic to the user and kernel-mode memory of running virtual machines, both for Windows and Linux
A security that Enhances Your Existing Solutions
Organizations leverage multiple approaches to security, from the network to the endpoint, and down to the hypervisor. Without displacing existing in-guest security tools, such as anti-malware, Hypervisor Introspection focuses on attack techniques, such as buffer overflows, heap spray, and code injection, which are used in attacks, over and over.
Eliminate the Tools Attackers Use
Hypervisor Introspection focuses on attack techniques that use software vulnerabilities to gain an initial foothold or escalate privilege. If an attacker uses a buffer overflow to exploit a known or unknown vulnerability, the buffer overflow condition is detected, without requiring knowledge of the specific exploit or vulnerability, stopping the exploit
Focus on Memory-Manipulation Techniques
Instead of scanning millions of malware samples, Hypervisor Introspection detects the handful of associated attack techniques, which are only visible at the hypervisor level – identifying zero-days as easily as any known exploit. Hypervisor Introspection does not require signature updates since the attack techniques do not change.
We’re here to help you choose the solution or service that’s right for your business
