Hypervisor introspection as open source


Bitdefender makes HVI available as open source. This enables hypervisor introspection to be used for purposes other than IT security. The code is published as part of the Xen Project.

Bitdefender is releasing HVI (Hypervisor Introspection) as open source. The cybersecurity company, which protects over 500 million systems worldwide, is making one of its groundbreaking technologies freely available to the open source community. HVI takes advantage of the hypervisor's position between the underlying hardware and the virtualized operating systems of servers and desktops. The technology examines memory in real time for signs of memory-based attack techniques that are used to exploit known and unknown vulnerabilities. The code was published as part of the Xen Project under the name HVMI (Hypervisor-based Memory Introspection) under the Apache 2.0 license.

HVI mechanisms as open source

Bitdefender is a member of the advisory board of the Xen Project hosted by the Linux Foundation. By releasing the HVI mechanisms as open source, Bitdefender is helping others understand and apply the security logic for in-memory events in virtual machines running Linux and Windows. The mechanisms use hypervisor-level APIs for introspection, i.e. a kind of self-analysis, of virtual machines.

The HVI code enables organizations to understand the view of memory provided by Virtual Machine Introspection in both the Xen and KVM hypervisors. The technology, which Bitdefender first introduced in 2017, gained widespread recognition for stopping EternalBlue attacks without any knowledge of the attack or the underlying vulnerability. The WannaCry attacks that used EternalBlue and the success of HVI made it clear that hypervisor security solutions like HVI need to become part of the security fabric of organizations. While Bitdefender has used the technology for security purposes, the possibilities extend to a number of other areas that can leverage and expand this unique, powerful sensor.

Additionally published hypervisor technology "Napoca"

At the same time as HVI, Bitdefender also released its slim hypervisor technology "Napoca", which it used in the development of HVI, as open source. Napoca can prove useful to researchers and open source endeavors because, rather than virtualizing all hardware, it virtualizes only the processor and memory and can be combined with HVI to protect physical systems.

"The Xen Project is proving to be extremely fruitful and the hypervisor VMI capabilities of the Xen Project have fundamentally changed IT security," said Shaun Donaldson, director of strategic alliances at Bitdefender. "We are excited to see the many possible uses that the community will develop for the technology. We expect HVI and Napoca to be used in areas that go beyond Bitdefender's security-oriented goals and that we cannot foresee today."

Beyond the boundaries of operating system-based security models

Kurt Roemer, Chief Security Strategist and member of the Office of the CTO at Citrix, says the creativity of the open source community will embed HVMI technology in a wealth of resources with surprising innovations that go beyond the confines of operating system-based security models: "HVI has provided extensive threat insights and remedial action for Xen-based virtual machines. Now that the technology is open source, the use cases to which HVMI can be applied will be of immediate benefit to both security teams and their organizations - especially as threats emerge."



About Bitdefender

Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de


 
