Yes, micro-virtualisation is pretty cool. But I would probably pick Invincea over Bromium, because running every single task in mini-VM's sounds like overkill to me.
My tin foil hat is not working anymore. https://www.theatlantic.com/health/...the-government-to-track-your-thoughts/262998/ Since the internet is filled up with garbage and "fake news", bar this site (good old Wilders). My only recourse is just to to pull the plug. But something keeps calling me back, like passing a wreck just have to look, very sad for me.
LOL, I watched some video's of Bromium, and I don't see why every browser tab should run in it's own virtual machine. The second link is about how it manages to block ransomware that next gen AV will apparently miss. I do think their tech is interesting, but I believe a company like Invincea (now owned by Sophos) will also easily stop all of these attacks, see link 3. https://www.youtube.com/watch?v=JlUMz5Y_Jqs#t https://www.youtube.com/watch?v=wzQ91UpiVQo https://www.bromium.com/resources/threat-information/advanced-malware.html
Actually Appguard does just as good a job, and this MZwritescanner, stops most of it before Appguard can react.
I forgot to mention that Bromium claims to be the only company that can block kernel exploits, but I forgot how they are actually doing this. I also asked for info about how they were able to bypass other security tools with certain exploits, but I never got an answer.
It is been almost a foregone conclusion IMO that whoever (I also lean Invincea on this) fashioned near iron clad protections, it would likely fall under "virtualization" for best results. The mainstream third party types mentioned by Peter, arrayed in series (of some sort), can just about seal things up too, but virtualization is been the bread and butter on my system platforms at least in the many years since combining Sandboxie + ShadowDefender.
Yes it's hard to beat virtualization. BTW, I believe Bromium is able to tackle kernel exploits, by running on top of the OS via the hypervisor.
If i have to use something like micro-virtualization, i rather use Linux Qubes. At least it is OS built-in. But on Windows Bromium is maybe the best solution.
Windows 10 is already offering virtualization but not on consumer versions, and they are hoping that most developers will migrate to the UWP platform, all of those apps run in AppContainer mode as you know. So at least they are trying something, because the other option was to rewrite the OS, which is completely unrealistic. https://technet.microsoft.com/nl-nl...on-based-security-and-code-integrity-policies