[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Predisclosure-applications] Application for addition to Xen predisclosure list.

Applicant: Bromium, Inc.

Domain Names:  bromium.com, bromium.co.uk


·         Bromium delivers endpoint security solutions that use a Xen-based hypervisor, called a Microvisor,  to isolate untrusted execution.  The security of our customersâ?? endpoints depends on the security of the Microvisor, and therefore on Xen.   As a security vendor Bromium needs to rapidly assess vulnerabilities discovered in Xen, to deliver timely product updates/patches to its customers.   Bromium labs actively hardens our Xen-based codebase and conducts security research on hardware, OS and hypervisor security.  Bromium reports all vulnerabilities to relevant vendors / communities in accordance with the principle of responsible disclosure.

·         A Wikipedia page for Bromium describes the Microvisor. Additional public statements on our use of Xen can be found here and here, and on our product pages:

o    Bromium vSentry uses the Microvisor to isolate untrusted execution. 

o    Bromium LAVA uses vSentry to detect malware.   

Our products are not available for download.

·         Bromium operates a security mailing list for use by its customers, at security@xxxxxxxxxxx.  

Bromium is cognizant of the responsibility and the legal and procedural requirements involved with membership of the Xen Project pre-disclosure list.   We have read this policy and agree to it, including its terms of confidentiality.

We request that you add xen-predisclosure-advisory@xxxxxxxxxxx to the Xen Project pre-disclosure list.



Predisclosure-applications mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.