How Bitdefender HVI protects virtual browsers

The Bitdefender Hypervisor Introspection (HVI) tool sits below the hypervisor and prevents any of these tactics such as buffer overflows, heap sprays, code injection and API hooking from executing, protecting the virtual browser from ever becoming compromised.

browsers chrome firefox internet explorer safari
Stephen Sauer

One of hackers' preferred methods to compromise systems is through web browsers. Even most phishing e-mails direct users, through their browser, to surf over to a compromised site where malware begins its exploit. There are other methods of attack, but using the browser is one of the most effective because it provides a privileged window into a target system, or into a system that can later be used to launch attacks deeper into a connected network.

Recently, attacks against browsers have gotten even more efficient and insidious, utilizing memory attacks and avoiding the file systems that many antivirus programs monitor. Various associated browser plug-ins and extensions can also be exploited, or could be the basis of the attack itself.

The ubiquitous nature of web browsers, with every conceivable type of device having at least one, makes them especially difficult to manage, and IT teams struggle to ensure that thousands or even millions of systems and devices under their purview have the latest updates and patches. And that may not even slow down an advanced, targeted attack.

The concept of a virtual browser came into fashion a few years ago. The idea was that if organizations are creating virtual machines to become everything from desktop clients to file servers, why not do the same for browsers? If a virtual browser became compromised, then it could simply be destroyed and replaced with a new, clean version.

This was often accomplished by installing agents on client systems or hosting browsers in the cloud. While they met with a degree of success, virtual browsers were often resource intensive, severely limited user choice, and still occasionally provided attackers with a path back into core systems.

How Bitdefender HVI works

The Bitdefender Hypervisor Introspection (HVI) tool aims to fix those problems, providing complete browser security from an on-premises solution. It works by pairing Bitdefender for inspection with Citrix XenApp together with Citrix XenServer. The only caveat is that organizations need to be running Citrix server for it to work, so will need to acquire that component if they don’t already have it. However, if they already have licenses for Citrix, then the network is completely ready for Bitdefender’s HVI.

To continue reading this article register now

Microsoft's very bad year for security: A timeline