NTT Com Security and Bromium have strengthened their existing partnership with the announcement of a new strategic global partnership. This new partnership will see NTT Com Security, already a premium channel partner for Bromium, now deliver Bromium’s endpoint protection solution to its business and government customers worldwide.
The goal is to increase protection against zero day attacks, a subject that has become a hot topic for all security vendors. One of the reasons for this increased attention on zero day attacks has been the fall out from the Hacking Team breach last year when it was shown the company was actively researching zero day attacks and then selling them to governments, intelligence agencies and even companies.
Simon Crosby, co-founder and CTO, Bromium said: “Bromium is expanding internationally to meet demand for ‘no compromise’ next generation endpoint protection that is resilient to targeted, nation-state based attacks that typically utilize zero-day exploits to compromise endpoint systems. Our ability to scale depends on the expertise of our partners and the trust that our customers place in them. NTT Com Security is just such a partner, and we look forward to working with them globally to meet customer needs”
At the heart of this deal are Bromium vSentry and LAVA products. According to Bromium the two tools are able to prevent infection and zero day attacks even on unpatched machines. In addition, with the huge rise in malvertising, drive-by attacks from web sites and malicious attachments to email Bromium is confident that it can detect and neutralise any risk to endpoint devices.
NTT Com Security to improve real-time threat intelligence
The reason for Bromium’s confidence is the micro-VM technology it has been rolling out. It claims that it can capture every threat in its own micro-VM and then send real-time alerts to its threat intelligence team. This is perhaps where it sees NTT Com Security playing a role. Rather than customers have the problem of which threat intelligence team to listen to, they will get a single real-time managed security service capable of assessing and responding to threats.
By bringing all of this together it also suggests that the two companies are looking to share much more threat intelligence data. Unlike NTT Com Security, Bromium LAVA is listed as using the Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) mechanisms to share and update threat intelligence data with other companies. This deal will ensure that both companies are not only widening their threat intelligence data pool but are also able to take advantage of what other companies are offering.
Given its penetration of government and multi-national companies it will also be interesting to see if this deal leads to either or both companies building out their own security communities. Some vertical markets and other vendors have established mechanisms where people can share perceived threat data and use peer assessment to rate the threat. This is designed to reduce the risk of hackers trying to pollute the threat intelligence pool with false data.
According to Garry Sidaway, SVP Security Strategy & Alliances, NTT Com Security: “Defence in Depth has always been the mantra for information security and risk management but, today’s weak link in this philosophy is the endpoint – there is ample evidence of attacks that bypass traditional security architectures to infiltrate the corporate network and gain access to sensitive data. We firmly believe a radically different approach is required to face both today’s threats and indeed the attacks of the future.”
Conclusion
This latest move comes after G-Data announced it was returning to CeBIT in March and would be demonstrating its own zero day tool. Last year, Dell agreed a deal with security start-up Cylance whose zero day tool is based on machine learning. Over the next year we are likely to see a number of new zero day protection announcements but their efficacy will all depend on how they detect real risk rather than false positives. Unlike the signatures used by AV tools, zero day has nothing against which to compare.
It will be interesting to see the take-up across the NTT Com Security customer base of the Bromium tools. Many of the current customers will already have a range of AV and other endpoint tools in place. The question is can NTT Com Security persuade them to dump what they have for Bromium vSentry and LAVA?
