Former Citrix chief technologists Ian Pratt and Simon Crosby left the virtualisation vendor last month to pursue a “big, left-hand swerve” with new start-up, Bromium.
The duo, which joined Citrix when it acquired their open source start-up XenSource four years ago, launched Bromium on 22 June with former Phoenix Technologies CTO Gaurav Banga.
Instead of bringing Banga’s patented technology to Citrix, the XenSource founders left the company on “friendly” terms to develop what Crosby said could become either “way cool technology”, or a failure.
With US$9.3 million in venture funding and expertise in virtualisation software (Xen) and secure firmware (Phoenix), Bromium could produce a hypervisor-based security product within the year.
“In any large company [like Citrix] where you’re developing a product line, your resources are spent on how to improve those products and support your customers,” Crosby told iTnews this week.
“In general, virtualisation technology to date has been about manageability, accessibility ... We’re taking a big left-hand swerve in the entire notion of what the hypervisor is.”
While other developers are concerned with securing virtual machines, Bromium’s hypervisor aims to be the security layer for all other machines.
As Crosby describes it, the “magic hypervisor” gives users “extremely granular control” over the execution of code by monitoring all I/O operations on a server, client, or non-virtualised machine.
The technology could address malicious attacks as well as security breaches inadvertently caused by the actions of non-malicious staff, he said.
“Enterprises imagine that they’re safer on a private cloud – but they aren’t,” he said. “All the newest attacks are not attacks on the computer; they’re attacks on people.”
The risk of a security breach was amplified as consumerisation and cloud computing gained popularity, he noted.
Bromium currently had a headcount of 15 hypervisor and security engineers, based “right behind Apple” in Cupertino, US and in Cambridge, UK.
Crosby said “some parts” of Bromium would be available under an open source license, noting that both he and Pratt believed that the open source development methodology improved security.
But “core components of the hypervisor” – reported to consist of 10,000 lines of code in total – would remain Bromium’s intellectual property.
Crosby said the start-up had “lots still to discover” before forming a go-to-market strategy.
He did not rule out the possibility of a go-to-market partnership, and noted that he and Pratt had given Citrix six months’ notice and were “all friendly in terms of the departure”.
“What we have is way cool technology trying to become product,” he said.