- HVI takes advantage of the position of hypervisors between underlying hardware and virtualized operating systems like Windows, Linux, desktops
- Bitdefender is also open sourcing it’s ‘thin’ hypervisor technology, known as Napoca
Bitdefender has announced the contribution of Hypervisor Introspection (HVI) to the open source community as a subset of Xen Project called Hypervisor-based Memory Introspection (HVMI). Bitdefender is open sourcing the mechanisms of HVI used to understand and apply security logic to memory events within running Linux and Windows virtual machines. These mechanisms use Virtual Machine Introspection APIs at the hypervisor level.
Hardware and virtualized operating systems
The code, formerly intellectual property of Bitdefender will allow organisations to make sense of the view of memory provided by Virtual Machine Introspection within both the Xen and KVM hypervisors as per the company. HVI takes advantage of the position of hypervisors between underlying hardware and virtualized operating systems like Windows, Linux, desktops, and servers to examine memory, in real-time. It looks for signs of memory-based attack techniques that are consistently used to exploit known and unknown vulnerabilities.
Shaun Donaldson, director of strategic alliances at Bitdefender said, “The Xen project is proving extremely fruitful, and the Xen Project hypervisor VMI capabilities have revolutionized security. We are excited to see the range of uses the community will come up with for the technology, and fully expect to see HVI and Napoca technology used in areas beyond the scope of Bitdefender’s security-focused purposes, that we could not anticipate today.”
Bitdefender is also open sourcing it’s ‘thin’ hypervisor technology, known as Napoca. It has been used in developing HVI. The company said that Napoca can prove useful to researchers and open source efforts as it virtualizes CPU and memory, as opposed to virtualizing all hardware. It can also be combined with HVI to protect physical systems.