Cybersecurity

Bromium's Tiny Prisons for Malware

A startup’s security software treats your PC like a quarantine zone

Provide news feedback or report an error

Confidential tip?

Send a tip to our reporters

Site feedback:

Take our Survey

By Ashlee Vance

June 22, 2012 at 1:20 AM UTC

This article is for subscribers only.

BusinessWeek Cover Image (12_26, portrait)

This article is part of the June 25, 2012 issue of businessweek.

Computer security relies on a simple principle: Keep the bad stuff out. This might mean using clever gear to monitor your network. Or it might take the form of antivirus software that keeps nasty worms from burrowing into a PC. But if heinous code does get through, there’s little to do other than find a place to cry.

A startup called Bromium flips traditional logic on its head—and lets attackers right inside the castle walls. When users run Bromium’s software, which will be available later this year, every time they open an e-mail attachment or a browser tab or another application, it creates a temporary, virtual compartment to house the task. Like a nurse observing a quarantined patient, the software watches the cordoned-off code. If it senses misbehavior—such as malware trying to exploit a security hole in Adobe Reader—it dissolves the compartment before damage can be done to the rest of the computer. “The bad guys will always get in,” says Simon Crosby, the co-founder and chief technology officer at Bromium. “It’s about limiting what they can do.”