Fight off Advanced Persistent Threats with Bitdefender Hypervisor Introspection at Citrix Summit 2017

Reading time: 5 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

Cybercrime is estimated to cost $6 trillion by 2021, while spending on cybersecurity solutions to safeguard infrastructure is forecast to surpass $1 trillion. Growing security challenges due to system vulnerabilities and misconfigurations turn over 1 million people into cybercrime victims every day.

At the upcoming annual Citrix Summit 2017 in Anaheim, California, Jan. 9-11, Bitdefender is showcasing its revolutionary technology, Bitdefender HVI (Hypervisor Introspection), which safeguards virtualized environments from advanced persistent threats. Integrated with XenServer APIs, HVI runs at hypervisor level to detect and block sophisticated unknown threats, including APTs, from altering the kernel-mode and user-mode memory.  

Hosting a Learning Lab on January 9, between 11:00 a.m. - 2:30 p.m., in room 212A, Anaheim Convention Center, Bitdefender engineers will be doing an interactive technical session aimed at everyone who wants to learn more about how to identify advanced targeted threats and how to stop them with Bitdefender HVI. It will be a hands-on exercises with real-world scenarios, where participants will learn more about HVI and how sophisticated attacks work.

Leveraging the XenServer Direct Inspect API, HVI operates at ring-1 as it scans the raw memory of each VM, giving it intimate knowledge on both user-mode and kernel-mode in-guest memory. Because HVI is completely isolated from VMs at the hardware level, it can maintain the integrity of in-guest operating systems and deployed security tools.

”By working with Bitdefender, Citrix XenServer has become the first commercial hypervisor with virtual machine introspection, enabling customers to easily detect and  block sophisticated security threats at the hypervisor level,” said Marc Trouard-Riolle, principal product marketing manager, Core Infrastructure at Citrix. “Hypervisor Introspection is truly a game-changer in the world of cyber security. It’s a sophisticated solution for our customers yet easy to use as part of XenServer deployment.”

So how can businesses benefit from this framework? If it had been deployed, it could have helped prevent the APTs on the SWIFT platform that led to an $81 million theft from the Bangladesh central bank. The internal security of 11,000 banks and institutions that use the financial software could be compromised due to the weaknesses in the software. It’s not only the system vulnerabilities that made this happen or some of the rootkits in targeted attacks that bypass security agents, but also the hackers’ persistence to develop targeted malware attacks.

This unprecedented level of insight allows HVI to identity malicious attack techniques, stopping killing the APT life-cycle chain before it achieves persistency or compromises the organization. Advanced targeted threats, such as Carbanak, Turla, Net Traveler, and Wild Neutron, could have been prevented by HVI before causing the estimated financial and data losses.

“Bitdefender’s strong collaboration with Citrix has resulted in us coming to market with memory introspection technology that was believed to be previously impossible to achieve,” said Harish Agastya, Vice President, Enterprise Solutions at Bitdefender. “The Citrix Summit 2017 is a great opportunity for business decision makers to experience first-hand this ground-breaking solution, Bitdefender Hypervisor Introspection, that will level the playing field finally against advanced targeted threats.”

Although APTs can stay undetected for longer, the new security layer provided by Bitdefender HVI analyzes the raw memory of the virtual machine and has validated its efficiency against various APTs. Citrix Summit 2017 attendees are invited to join the Bitdefender team at the official stand, for more insights and an overview of how Bitdefender HVI works.