Bromium was founded in 2010 with a mission to restore trust in computing. The company’s founders, Ian Pratt and Simon Crosby have a long and deep history of innovation in virtualization and security. Inspired by the isolation principles of traditional virtualization, the Bromium team has created a game-changing new technology called micro-virtualization to provide powerful enterprise by protecting end users against advanced malware. Bromium has its headquarters in Cupertino, California and an R&D center in Cambridge, UK. The company is backed by top-tier investors, including Andreessen Horowitz, Ignition Capital, Highland Capital Partners, Intel Capital, Meritech Capital and Lightspeed Venture Partners.
Perfect solution to rely upon
Bromium is the perfect solution for many industries, particularly those that have IP or customer and financial records to protect. Learn how Bromium can help you prevent data breaches and protect your organization.
From CEO’s desk: Gregory Webb
We protect your data, your people and your brand.
No malware escape has ever been reported by Bromium customers.
Unlike most security technologies that rely on detect-to-protect methods, Bromium stops threats with virtualization-based security.
Our Sensor Network, for Endpoint Detection and Response (EDR), and patented isolation technology, work together to deliver high-fidelity alerts based on full kill chain analysis.
Information is correlated with all hosts to accelerate a network-wide response.
Tamper-proof introspection of protected hosts included.
Reducing desktop operations cost
Enterprises reliant on old-school detection technology on the network and on the endpoint find themselves facing the sea of alerts, drowning in data that suggest an attack may have occurred. Invariably, these investigations prove fruitless and an organization incurs significant costs that could have been avoided.
Reducing security operations costs
The downstream costs of urgent security patching and reimaging machines can be enormous for an organization. With Bromium, this is a thing of the past. Security professionals can eliminate the need for urgent patching and, since breaches can’t occur anymore, there is no need for reimaging infected machines.
Eliminating the cost of a breach
The largest cost for most organizations is clearly the damage caused by a data breach. Lost intellectual property, customer and financial data and the resulting brand damage can be staggering, in the tens and even hundreds of millions of dollars, as evidenced by Target and Sony. Industry research highlights that the average cost of a breach in 2014 was over $7 million. And for larger F500 companies, it is significantly more.
An Industry Under Siege
The 2010 Stuxnet attack that crippled 14 industrial sites in Iran and recent attacks against 10 major US energy companies speak to how vulnerable oil, gas, and utility companies are to cyber attacks. The consequences of these attacks are serious—potentially resulting in massive outages that could affect a wide geographical area and large populations. Typically, these attacks are motivated by politics rather than profit. Many of these incidents are acts of espionage, terrorism, and hactivism.
In the global energy sector, poorly secured endpoints are susceptible to both opportunistic attacks (drive-by-downloads or Trojans) and well-orchestrated advanced persistent threats (APTs) and spear-phishing attacks. Other risk factors include a high degree of Internet connectivity, complex infrastructures, and ineffective legacy security technologies.
“Globally, it is estimated that cyber attacks against oil and gas companies will cost energy companies $1.87 billion by 2018.”-Willis Natural Resources
Challenges: Evasive, Targeted Attacks
Unknown, targeted attacks commonly have the energy sector in their crosshairs. These attacks are polymorphic and use advanced evasion techniques, so they are able to bypass antivirus and other signature-based solutions.
Ineffective layered security
Beyond antivirus and firewalls, energy companies often deploy a layered defense strategy that may include intrusion prevention, application whitelisting, secure Web gateways, and more. These systems are complex and costly, can limit user productivity, and require expert management. Because they are largely based on legacy detection technology, they are ineffective against stealthy, targeted attacks that can find their way to the corporate network primarily via endpoints.
Most energy companies rely on multiple suppliers for their automated equipment and not all have guidelines that address contractor access to systems.
Bromium: Removing the Attacker's Beachhead
Bromium’s revolutionary isolation approach is far more effective than detection-based solutions like antivirus, whitelisting, Web gateways and sandboxes. Bromium eliminates the attack pathway into the network—attackers cannot get past the endpoint to perform surveillance, steal credentials, establish persistence or ultimately compromise critical systems.
The firm’s breakthrough isolation technology creates a disposable micro-virtual machine for vulnerable operations, like Web browsing or opening documents or attachments. Tasks are isolated from the host system, so there’s no need for detection or behavioral analysis—and the possibility of compromise is eliminated. If malware is on the website or in a document, it is contained in its micro-virtual machine, and it is discarded when the task or session is complete, so your endpoint, your network, and your infrastructure are not compromised.
Click on anything
Energy workers can put their attention on their work, without worrying about security—even if they make errors or use vulnerable applications.
Greet the luminary
Gregory Webb is the CEO of Bromium, the pioneer and leader in next-generation endpoint protection, with revolutionary, market disrupting, and best-of-breed enterprise security products. With nearly 15 years’ of business, and strategy experience running successful, enterprise software teams, Gregory is passionate about customer success, strategy, and analytics to achieve exceptional outcomes. Gregory brings a wealth of experience in the cybersecurity sector, in roles that have seen him transform business strategy with great success.
Gregory holds a master’s from Brigham Young University and a doctorate in Comparative Literature from the University of California, Los Angeles (UCLA), and was a Fulbright scholar at Stockholm University.
“Our specialities are endpoint protection, enterprise security, cybersecurity, next-generation endpoint security.”