Skip to content
December 7, 2016 / Rob Macintosh

Become a Bromium Expert: Get Certified and Start Securing Your Enterprise

  • Bromium’s certification program equips customers with the knowledge they need to become security experts.
  • For help desk teams and entry-level administrators, our Basic Track is all you need.
  • For incident-response team members and engineers, our Advanced Track will make you an expert.

education_key_keyboardThe Secret to Success

Malcolm Gladwell’s Outliers explores the secret-to-success and the 10,000-Hour Rule. He claims that, no matter what the skill, the secret to becoming an expert is largely a matter of practicing the correct way, for a total of around 10,000 hours. Bill Gates, states that his reason for success was access to a computer as a child, which gave him a competitive advantage when such technology was a rarity.

Register today: Interested in certification? Sign-up here.

Read more…

December 6, 2016 / Lucy Gissing

Our New Premium Support Delivers Faster Time-to-Value for Customers

  • Rapid expansion in enterprise market is driving the need for additional customer service options.
  • New premium support on par with the best from enterprise vendors.
  • Certification is also available for those who want to become technically proficient.

premium-servicesCustomer success is at the center of our business and we understand that when you invest in the Bromium Secure Platform, you want to get the most out of it from day one. The last thing we want to do is hold you back on your journey to security utopia, so with that in mind we’ve launched Premium Support and online certification.

Webinar: Register for Exclusive Preview of the New Platform, Thursday at 2pm GMT |  9am PST

Read more…

November 30, 2016 / Mike Donnelly

You Hacked – Ransomware Attack on Muni Demonstrates Need for Isolation

  • As shoppers converged in San Francisco this weekend for holiday shopping, the Municipal Transport Agency (MUNI) was hit with HDDCryptor ransomware
  • Customers rode free, while the city lost $559,000 per day in ticket sales
  • The attacker claimed that MUNI’s data had been encrypted and demanded a ransom in bitcoin.

sfcablecarOver the Thanksgiving weekend the San Francisco Municipal Transport Agency was hit with ransomware, which Trend calls HDDCryptor.

Hackers made a Bitcoin ransom demand of $70,000. Payroll and employee’s personal information were not the only thing at stake, as staff were forced to shut down over 2100 machines, including ticket kiosks, leaving customers across the city to enjoy free rides – an unexpected bargain for Black Friday shoppers.

Watch: 90 seconds shows how we defeat ransomware with micro-virtualization technology

HDDCryptor ransomware is especially disruptive as it does more than just target files on the local disk or network. It also encrypts and locks the hard drive. Customers were greeted with messages like the one seen on the screen below as they approached ticket machines with money in hand. (Makes you think: if the attackers thought this one through, it could have been so much worse.) Read more…

November 25, 2016 / James Wright

Black Friday Purchases Could Deliver Malware to Your Network

  • As shoppers rush out and buy the latest tech for their holiday gift giving – or order them online during Cyber Monday – they will never know the hidden dangers in what they purchased.
  • The Internet of Things is exciting and the cool tech provides some of the most coveted gifts every year but at what cost?
  • What people don’t realize is in the rush to market, rapid development cycles reveal compromises that can leave end users vulnerable to cyber threats.

The cartoon below was sent around our office depicting a number of IOT household appliances blackmailing their owner. This particular cartoon resonated with me because I think it highlights one of the problems with the rapid development that happens in the tech industry. With the need to get to market quickly, security is usually overlooked in the early days of product development, unsecure architectural decisions are made, product complexity increases and with it the potential attack surface.

Learn more: A different look at the vulnerability of human behavior. Read more…

November 23, 2016 / Lucy Gissing

Why Employees can be a Security Risk for Hospitals

  • Large quantities of sensitive data held by hospitals are being targeted by hackers.
  • 90% of employees in hospitals failed a CynergisTek phishing test
  • Bromium protects companies from the unknown

vaccinationThere’s an ever growing epidemic of cyber-attacks on hospitals. The NHS and other healthcare providers are being targeted by hackers because they have such large quantities of sensitive data. It recently hit the news that three UK hospitals were forced to shut down their IT systems and declare a major incident after being hit by a virus. This isn’t a game – at least 35 operations had to be cancelled putting people’s lives at stake.

Learn more: Get the Bromium Overview

Trust me, I’m a…

So how do the attacks happen in the first place? Simple answer; a company’s biggest vulnerability – humans. We already know from previous Bromium blog posts – you can’t trust humans and relying on them to keep your company safe isn’t a solid strategy. A U.S. hospital operator Atlantic Health System found this out. They commissioned CynergisTek for a phishing test and here’s what happened: Read more…

November 9, 2016 / Jennifer Carole

Elections, Cybersecurity and Human Nature – Why This Matters to Corporate Security

Update: since we published this blog, the following news broke: “Suspected Russian cyber-crime group, APT 29 or Cozy Bear, are suspected in a series of spear-phishing campaigns aimed at compromising US organisations.” The threat is real. 

  • The elections are over but our cyber security may be in more trouble than ever before.

  • Relying on human beings to keep your company safe isn’t a solid strategy.
  • You need to remove the human factor because that’s a variable you can’t control.

Copyright C-Section Comics

Regardless of where you come down on the US Elections, there are some things that are clear. Our elections were influenced by Nation State attacks. Simon Crosby (@simoncrosby), our co-founder and CTO has spoken at length about the role of bots sharing misinformation about both candidates – influencing voters who don’t bother to do their own research. In fact it even influenced people in the media who perpetuated the false claims.

In addition, we know Russia played a part in hacking candidate’s servers to expose information with an eye toward influencing the election, potentially putting one of the most powerful aspects of America – our peaceful transfer of power – at risk.

How does this relate to cyber security in your organization?

Essentially it strips us down to brass tacks. Humans take action without necessarily thinking. Regardless of who you are, the probability that all of us have done this is high. Read more…

November 8, 2016 / Gavin Hill

Serious Security is Easy: 10 Misconceptions about Virtualization Based Security

  • Myth: Micro-virtualization makes daily user tasks difficult and does not block malicious activity.
  • Fact: End users can effortlessly carry on with their day-to-day tasks as usual, including opening and using files sourced from the internet.
  • Fact: All malware activity is contained, recorded, analyzed for network detection, and then destroyed – all without remediation. Let us show you how to save time, resources and more importantly – your network!

10thingsLast month, Microsoft released WDAG for its Edge browser, which takes advantage of virtualization-based security to hardware-isolate Edge using micro-virtualization. This is a good indicator of how the security industry is shifting to address ever increasing cybercrime.

Learn More: Bromium Overview

Let’s face it – there will always be vulnerabilities that cybercriminals can take advantage of, and you simply cannot anticipate an adversary’s every move. Clearly, prevention techniques have proven that they are inefficient and plain do not work – we must find a better way. Gartner validates that “Micro-virtualization is a great model. It’s the way forward.” Read more…

November 1, 2016 / Jennifer Carole

Crosby on the Real Hacking Risks for the US Election

  • We’ve taken elections for granted for our entire lives. We vote, we go home and we watch the returns on television.
  • But with technology becoming part of the process, does that mean we putting democracy at risk or improving the opportunity for everyone to have a better chance at participating?
  • And will Russia hack our elections and render us a hot mess of contention and finger-pointing?

election-4Our CTO and co-founder of Bromium, Simon Crosby, tackled the subject of hacking via a BrightTalk lecture (this is a mainstream talk – you don’t have to be a techie to appreciate).

Watch: BrightTalk login required

According to Simon, “The US election and its voting infrastructure are under attack. The result is ugly and shows the extent to which we need to plan for and protect against the influence of cyber-related attacks on US elections in future.”

Who might tamper with our elections, why might they tamper and what might it mean? Ballot stuffing has plagued voting since voting began. In this brief discussion, he reviews the underpinnings of democracy, and how we might defend it when it is in everyone’s interest to subvert it.

Meanwhile, if you want to be “in the know” and follow someone who’s always weighing in with his opinion, follow @simoncrosby on Twitter.

October 31, 2016 / Jennifer Carole

Your Enterprise Security Secret Weapon – Put Your Endpoints to Work

  • Turn your biggest liability into your best enterprise defense
  • Discover how to achieve rapid time to remediation of threats
  • Reduce costs with optimized resource usage as we’ve streamlined how Bromium prevents breaches

No more surprises.

Anyone who takes security seriously has come to terms with the fact that detect, respond, recover just aren’t working anymore. It’s time for a game changer – a way to stop worrying about all the attacks that threaten browsers, email, and application downloads. The trick is to contain the malware and prevented from taking hold. That’s where virtualization-based security comes in.

Watch this webinar to see how your endpoints become an army of defense that protects your enterprise from breaches.

Read more…

October 24, 2016 / Simon Crosby

Advice Can Be Dangerous – Why Critical Thinking Matters


Since our first customer deployment four years ago, we believe no Bromium protected endpoint has been breached.

And that’s not for want of trying.  Annual pen-tests and source code reviews by the world’s best are fundamental to what we do. We collaborate with researchers to continually evaluate, attack and improve our product.

Bromium is the back-stop that  protects the endpoints of the most sensitive agencies of four major democracies. Our product is deployed at large scale and is subject to nation-state attacks. It delivers detailed forensic information for attacks with vanishingly low false-positive rates. There are no false negatives.

We protect the “unprotectable”: unpatched endpoints that depend on legacy software, on unprotected networks, targeted by nation state adversaries.  And we win.  

Read more…