Bitdefender is looking to bring security to the hypervisor level with the announcement of its Bitdefender Hypervisor Introspection solution.
The solution, announced at Citrix Synergy 2017 in the US this week, adds a new security layer to the data centre, providing an agentless solution for memory introspection around the Citrix XenServer. With those added visibility capabilities, the company said the solution could identify and isolate attacks at the hypervisor level.
That fills a gap that was previously left open in data centre security, Bitdefender vice president of enterprise solutions Harish Agastya said. That gap was left open as endpoint security solutions provide context into events but few isolation capabilities and network security solutions lacking the context to isolate all types of attacks. Agastya said the Bitdefender Hypervisor Introspection solution fills that gap, with both context through memory introspection and isolation through root-level capabilities.
While the solution doesn't solve all of a company's security needs, Agastya said it adds another layer of advanced breach protection to the data centre. That is critical when defending against advanced persistent threats, he said. He said it was complementary to existing security technologies, including firewalls and endpoint security offerings.
"These attacks that are running in your data centre and typically resulting in the exfiltration of confidential IP, that is something that everyone wants to protect against. No one wants to be on the front page [for a breach] … and they don’t really have a breach prevention or detection solution. That's the particular problem that the Hypervisor Introspection solution solves," Agastya said.
The solution was developed in collaboration with Citrix's Xen Project, allowing it to run on any system running Citrix virtualisation technology. Agastya said Bitdefender is also working to extend the solution to other virtualization companies.
Citrix director of product management David Cottingham said that collaboration is key, especially as Citrix looks to play a bigger role in securing organisations from the virtualization level.
"Citrix is positioning itself very much as having a big part to play in security. If you talk to our customers, we have been perceived as a security vendor for quite a while, but we have not been getting that message out until relatively recently," Cottingham said. He said Citrix plans to further build on that strategy with analytics capabilities.
For partners, Bitdefender's Agastya said the new Hypervisor Introspection solution presents a "greenfield opportunity," as it is an additive layer to existing security solutions that few if any, other companies offer. He said it also helps partners who work with either Citrix or Bitdefender raise the security level for their customers around advanced threats.
"It's a greenfield product that solves a legitimate problem," Agastya said. "Now you have an opportunity to sell a more complete solution. Nobody wants to be attacked by a breach, and for a reseller to have the ability to solve that problem is huge."
Bitdefender's Agastya said hypervisor security is a new market, so education of partners and customers will be key going forward. He said attacks like the recent WannaCry ransomware attacks would likely help raise awareness for the importance of this type of security solution for enterprises. He also expects other vendors will look to jump into the hypervisor security market. Lifeboat's Current agreed, saying he expects to see more companies move to offer security technologies for virtualisation.