Bromium has raised $40 million for its micro virtual machine (micro-vm) technology that traps malware and analyzes it for IT administrators to examine once an attack takes place. The oversubscribed Series C funding round was led by new investor Meritech Capital Partners, with participation from existing investors Andreessen Horowitz, Ignition Partners, Highland Capital Partners, and Intel Capital. The company has now raised $75.7 million since founded in 2010.
The company’s technology bypasses traditional means of protection such as signature-based systems that have proven ineffective against malware and other types of attacks. Bromium takes a different approach capturing every web page, email message or instant message and storing them each in their own virtual machine. A customer may have hundreds of virtual machines running on their computer or Android device. If someone clicks a bad link, the micro-vm will keep it until the IT administrator views and disposes of it. The user is never bothered — the whole process is invisible to them. The protection is all done in the background.
The Bromium technology gets baked deep into the device hardware. it support Intel-based hardware, Windows 7, 32-bit or 64-bit. It also supports Apple OSX. It protects against web, email (Outlook, Web-Mail and Lotus Notes), USB, instant messaging and third party or custom messaging apps.
The security does not yet work with Apple iOS devices. Apple is notorious for controlling its software stack. CEO Gaurav Banga said in an interview today that they have to work in the “right legal framework with the company.” He would not further comment.
Bromium’s security technology is not infallible by any means. It can’t be as no security system is perfect, writes Simon Wardley in a post last May. Wardley is a researcher with the Leading Edge Forum in the United Kingdom:
What Bromium has neatly done is not try to solve the impossible (preventing you from being attacked) but instead limited any damage to as small and as temporary a space as possible. Hence whilst Bromium does not prevent any zero day exploits being run, it reduces the impact of them to practically negligible. The fear is gone. Just because one email has been compromised, doesn’t impact all the other emails or the other applications and environments on my machine. It’s all isolated and to get rid of the problem I just close that email.
The security industry is going through rapid disruption. The question for Bromium is can it be the next end-to-end security play? it’s possible but it still needs to offer universal protection. If it can fill that big iOS hole then it has a decent chance of becoming a core technology for the Fortune 500 CIO.