Can a hypervisor be used as a security layer?
Security

Can a hypervisor be used as a security layer?

According to Trustwave’s most recent Global Security Report, the average time from intrusion to detection of a breach is around 49 days. With more advanced malware – also known as Advanced Persistent Threats (APT’s) – detection times can be much higher.

These advanced attacks use various methods to escape detection. But there’s something that every attack – whether the latest and greatest state-sponsored malware or a yet-to-be-disclosed zero-day vulnerability - has in common; they all require at least a little memory to exist and execute.

“All malware leaves a memory footprint,” says Liviu Arsene, Senior E-Threat Analyst at Romanian security provider Bitdefender. “I pull my hair out every time I hear about fileless attacks. There is no such thing. It's still code. All of these advanced tools, they all require some sort of memory footprint.”

However, it can be hard to find traces of malware. Today’s malware is adept at hiding itself within systems; just because Windows says there’s isn’t an executable file using up lots of memory doesn’t mean that’s actually true.

“The disadvantage of having an agent inside in the machine is that it's dependent on information coming from the Operating System.”

To continue reading...


Please login or register to view your article. If you do not have or do not remember your password, please click on the “Forgotten your password?” link at the bottom.
If you do not yet have a password but are an existing user, please use the “Forgotten your password?

PREVIOUS ARTICLE

«Millennials talk careers: Guen X Dang

NEXT ARTICLE

Typical 24: Matt Hebden, dyzio»
author_image
Dan Swinhoe

Dan is Senior Staff Writer at IDG Connect. Writes about all manner of tech from driverless cars, AI, and Green IT to Cloudy stuff, security, and IoT. Dislikes autoplay ads/videos and garbage written about 'milliennials'.  

  • twt
  • twt
  • Mail

Comments

no-images

Dave Convery on September 06 2017

Seriously?? VMware has been doing this since vCNS days.

no-images

Dave Convery on September 06 2017

Seriously?? VMware has been doing this since vCNS days.

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?