HBGary Unveils Deep Malware Analysis Platform for VDI
With Active Defense 1.3, malware analysis is no longer reliant on a physical memory dump saved to disk.ManTech International subsidiary HBGary announced the release of Active Defense 1.3, a platform designed to provide live, runtime memory analysis of concurrent guest operating system sessions in virtual desktop infrastructure (VDI) environments. Architected to help organizations proactively detect zero-days, rootkits and other targeted malware in remote virtual environments, Active Defense customers can choose to preserve memory using the company's traditional (Memdump) Digital DNA or opt for the memory-only, runtime Digital DNA version to adapt to the threat environment while not adversely impacting their own resources. With Active Defense 1.3, malware analysis is no longer reliant on a physical memory dump saved to disk, which the company says results in quicker returns that do not put a strain on the shared resources required to attain it. The platform scores thousands of software modules so cyber-defenders, using the technology's color-coded threat severity score, can locate and respond to the most severe threats targeting their business environment. "The popularity of remote virtualized desktops has made them a prime target for today's cyber-attackers. Active Defense 1.3 provides live, runtime malware behavior analysis for these environments," Penny Leavy, vice president and general manager of HBGary, said in a statement. "More than five years ago, HBGary developed our revolutionary Digital DNA technology to find the bad guys in the one place that they cannot hide—physical memory. We are pleased to offer our customers the industry's first deep malware analysis solution for Virtual Desktop Infrastructures."
The use of remote desktop virtualization is a growing trend in IT because it addresses the mobility of users while at the same time reduces the costs traditionally associated with supporting the devices they use. By using application virtualization and user profile management, it enables the central management of the desktop session environment and achieves separation from the physical device used to run it.