Bitdefender Hypervisor Introspection (HVI) is a security layer which fortifies Citrix Virtual Apps and Desktops, formerly XenApp and XenDesktop infrastructures against targeted attacks through live memory introspection at the hypervisor level.
Bitdefender with Citrix deliver this radical new approach to endpoint security. Citrix Hypervisor, formerly XenServer includes the Direct Inspect APIs, and is the only commercial hypervisor capable of delivering virtual machine memory introspection. The HVI approach reveals and eliminates blind spots, while also protecting existing security layers against sophisticated, kernel-based, malicious activity, including zero-day attack techniques. This is done with no software in the virtual machines. This approach benefits from the rich context that hypervisor-level access provides, while it is also isolated from the reach of attackers since there is no footprint in protected virtual machines.
The deeper level of insight provided by the Citrix Hypervisor Direct Inspect APIs is below the virtualized endpoints and the workloads. From this layer, malicious activity is exposed. Targeted, highly sophisticated attacks which use one-off tools, and exploit zero-day vulnerabilities, cannot hide from HVI. HVI detects the instant a memory violation within a virtual machine occurs, and provides detailed reporting of the attack chain, including affected processes, type of violation, and timeline of the attack. Bitdefender HVI can also contain or remove the threat by instantly injecting a temporary remediation tool into a running virtual machine.
Brochures: Executive OverviewAdministrators Guide Installation Guide Citrix and Bitdefender Cloud Workload Protection
ReferencesHypervisor Introspection defeated Eternalblue a priori Sofor Secures Virtual Infrastructure Against Targeted Attacks