ra2 studio - Fotolia
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained
The growing prevalence of remote work amid the pandemic has cast endpoint security into the spotlight, with more businesses worrying about cyber threats targeting employee devices that may connect to less secure home networks and public Wi-Fi hotspots.
Several technology suppliers have seized the opportunity, whether it is through network security solutions that detect anomalous network traffic or using artificial intelligence (AI) to analyse storage access patterns that may be indicative of a malware at work.
HP is the latest supplier to join the fray with Wolf Security, an endpoint security stack comprising hardware and software components for business PCs to stop increasingly common cyber threats like ransomware attacks in their tracks.
At the core of the security stack is an endpoint security hardware controller embedded in HP’s business PCs that works in tandem with the HP Sure Run software to isolate each computing task in its own “micro virtual machine”, said Koh Kong Meng, HP’s head of personal systems in the Greater Asia region.
Koh said even if a user clicks on an e-mail attachment that turns out to be malware, the malicious software – even if it is run – is self-contained in its own micro virtual machine and will be terminated once the user session is closed.
And because the technology, which sits below the operating system (OS) level, does not rely on malware signatures or analyse user behaviour, Koh said it is effective in blocking unknown threats, claiming that HP’s customers have been running “several billions” of such micro virtual machines, none of which have been compromised so far.
Koh said isolating user tasks in micro virtual machines will also complement virtual desktop infrastructure (VDI) implementations, which may not cover an organisation’s entire fleet of endpoint devices.
Read more about endpoint security in APAC
- Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats.
- Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors.
- ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats.
- An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise.
To guard against attacks on a computer’s BIOS firmware that a enables a range of system capabilities including secure booting and storage encryption, the Wolf Security stack also includes the BIOSphere software that protects against a variety of attacks or corruption attempts, including those that target the master boot record.
There are some components of Wolf Security that reside at the OS level, such as Sure Sense that uses deep learning in concert with Sure Run to scan every file to suss out new threats, including zero-day attacks that traditional, signature-based antivirus software may miss.
With Wolf Security, Koh said HP is trying to make it easier for not only large companies but also small and medium-sized enterprises (SMEs) to mitigate endpoint security threats that have intensified over the past year.
“SMEs don’t have chief information security officers and cyber security teams to help them, and so we want to at least give them a level of protection at the endpoint that goes beyond antivirus and VPN [virtual private networks] at very little cost to them,” he added.
Koh said HP is working with some public sector organisations in Japan that have purchased HP’s commercial PCs to try out Wolf Security. A services component is also available to enterprises that want access to a dashboard to manage and build their own device fleet.