HP BROMIUM Protected App

The Bromium Protected App allows you to provide end-to-end protection around sensitive assets in your applications. The solution allows you to isolate confidential applications completely and secure network connections between clients and servers. At the same time, your authorized users can continue to access the applications and data they need for their work. Protected App ensures that confidential data remains secure so you can focus on what matters most: building the best apps for your business.

The challenge

The use of privileged user accounts poses various challenges for businesses and authorities. In principle, these highly critical access points must be maintained on all systems and available to authorized groups of employees. At the same time, it is necessary to be able to track which administrator has carried out which activities on these user accounts – and when. Furthermore, these accounts are used for ad-hoc access to sensitive databases and domain controllers, especially in emergencies. Privileged Access Management (PAM) solutions are often used to facilitate the handling of such critical authorizations and to meet their requirements. They are used to rotate user IDs, log access and monitor activities.


Demo video
HP BROMIUM Protected App

read more

Demo video (English)
HP BROMIUM Protected App

read more

The product

Bromium Protected App moves the principle of the privileged access workstation to the workplace PC while maintaining the same level of security. To achieve this, Protected App launches explicit connections for critical access, below the potentially compromised operating system. Bromium’s root hypervisor creates a hardware-isolated virtual environment for each of these connections, from which – in a Linux operating system, for instance – an RDP connection can be established to the domain controller. 

However, a keylogger or screen capture program installed by an attacker on a workstation PC does not notice this connection, because it is created below the Windows client. Through seamless integration with Privileged Access Management (PAM) solutions, the secure connection to the critical target system is clear to the administrator, who does not get to know the privileged access data. The use of PAM portals and jump servers and their logging continue as before.

ISOLATE applications that access data you can’t afford to lose.

CREATE virtual airspace on existing Windows devices.

MAINTAINS protection, even if the unit is compromised.

ESTABLISHES a secure connection to critical applications.

PROTECTS against keylogging, screen capture, memory manipulation and man-in-the-middle attacks.

AVOID providing a second device for privileged access.
ENABLE teleworkers to enjoy lower risk and higher compliance.

OFFERS a seamless user experience that maximises productivity.

USES the same micro-virtualization technology as HP Sure Click Enterprise powered by Bromium




About Bromium & HP Inc. 

Bromium has transformed endpoint security to defeat cyberattacks with its revolutionary isolation technology. Unlike antivirus software and other detection-based defenses that cannot stop modern attacks, Bromium uses micro-virtualization to keep users safe while delivering significant cost savings, by reducing and even eliminating false positives, urgent patching and corrective action – and thus transforming the traditional security lifecycle.