What is HVMI?

HVMI stands for Hypervisor-based Memory Introspection. The technology leverages Virtual Machine Introspection (VMI) APIs in the Xen and KVM hypervisors. By gaining introspection of the raw memory of
running guest virtual machines, HVMI can apply security logic to detect and prevent the use of common attack techniques, such as buffer overflows, heap spray, code injection, and so-on.

A research and development team at Bitdefender extended the VMI APIs by working with the Xen Project and KVM Project communities. Bitdefender initially released a commercial solution known as GravityZone Hypervisor Introspection (HVI). The core components of HVI were open-sourced in mid-2020, forming the basis of the HVMI project.

The primary goal of the HVMI project is to build a community to foster development of new features and use-cases.

Introduction to HVMI

Getting Started

To get started, check out our GitHub repository.


HVMI is licensed under Apache 2.0.