Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

9/29/2020
11:45 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

VMware Delivers Intrinsic Security to the World's Digital Infrastructure

New innovations advance security for public and private clouds, security operations, and distributed workforces

PALO ALTO, Calif.--(BUSINESS WIRE)-- VMworld 2020 — This week at VMworld 2020, VMware, Inc. (NYSE: VMW) unveiled new innovations to deliver intrinsic security to the world’s digital infrastructure. The solutions are designed to advance security for the public and private clouds, security operations and distributed workforces as organizations accelerate cloud adoption to build resilient, future ready digital infrastructure.

For many organizations, migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity amid the global pandemic. As cloud computing infrastructures proliferate, vulnerabilities increase. Attacker sophistication, security threats, breaches, and exploits are more prevalent than ever. And today, security strategies are often vulnerable to attacks on modern cloud workloads.

“Amid global disruption, the key to survival for many companies has meant an accelerated shift to the cloud and ultimately, bolting on security products in their data centers,” said Sanjay Poonen, chief operating officer, Customer Operations, VMware. “But legacy security systems are no longer sufficient for organizations that are using the cloud as part of their computing infrastructure. It’s time to rethink security for the cloud, organizations need protection at the workload level, not just at the endpoint. The future of cloud must be met with a better way to secure data and applications.”

At VMworld 2020, VMware is delivering a range of solutions and services to help customers survive and thrive in the most turbulent times in generations. VMware’s cloud, app modernization, networking, security and digital workspace platforms form a flexible, consistent digital foundation on which to build, run, manage, connect and protect applications, anywhere.

Security for the Private and Public Cloud

As organizations continue their journey towards cloud transformation and application modernization, they require modern security solutions that are both powerful and easy to operationalize. Unveiled today, VMware Carbon Black Cloud WorkloadTM,delivers advanced protection purpose-built for better securing modern workloads to reduce the attack surface and strengthen security posture. This innovative solution combines prioritized vulnerability reporting and foundational workload hardening with industry-leading prevention, detection and response capabilities to protect workloads running in virtualized, private and hybrid cloud environments.

The solution combines Carbon Black’s security expertise with VMware’s deep knowledge of data centers to build security into workloads. VMware customers can experience the advanced new solution with a six-month unlimited free trial of VMware Carbon Black Cloud Workload Essentials, available for all current vSphere 6.5 and VMware Cloud Foundation 4.0 customers.

Tightly integrated with VMware vSphere, VMware Carbon Black Cloud Workload provides agentless security that alleviates installation and management overhead and consolidates the collection of telemetry for multiple workload security use cases. This unified solution enables security and infrastructure teams to automatically help secure new and existing workloads at every point in the security lifecycle, while simplifying operations and consolidating the IT and security stack.

Workload security is especially complicated in hybrid data center architectures that employ everything from physical, on-premises machines to multiple public cloud infrastructure as a service (IaaS) environment to container-based application architectures. For security teams, VMware Carbon Black Cloud Workload will offer:

  • Visibility to Identify Risk and Harden Workloads: Carbon Black Cloud Workload helps security and infrastructure teams focus on the most high-risk vulnerabilities and common exploits across their environments, because it’s not about finding the most vulnerabilities—it’s about finding the right ones. Prioritize vulnerabilities based on a combination of the Common Vulnerability Scoring System (CVSS), real-life exploitability and real-life frequency of attack, increase patching efficiency with best-in-class prioritization, and take immediate action in vSphere Client.
  • Prevention, Detection and Response to Advanced Attacks: Security teams often lack visibility and control in highly dynamic virtualized data center environments. Carbon Black Cloud Workload protects workloads running in these environments by combining vulnerability assessment and workload hardening with industry leading next-generation antivirus (NGAV), workload behavioral monitoring, and endpoint detection and response (EDR) for workloads.
  • Simplified Operations for IT and Security Teams: The VMware intrinsic approach builds security into the virtual fabric, enabling protection everywhere workloads are deployed, and eliminating the trade-off between security and operational simplicity. But organizations also need the infrastructure team to be able to operationalize more of security policy and hardening. That requires giving them the right visibility into risk, and the tools to harden workloads right inside their own consoles. Carbon Black Workload accomplishes this by building security risk visibility right into VMware vCenter, with the same visibility security operations see in Carbon Black Cloud – giving them a single source of truth. This will not only accelerate response to critical vulnerabilities and attacks, it will foster far greater collaboration between IT and security teams.

VMware will introduce expanded offerings for Carbon Black Cloud Workload later this year including a new module for hardening and better securing Kubernetes workloads. The new capabilities will give security teams governance capabilities and control of Kubernetes environments.

The Future of Security Operations

Security incident detection and response has never been more critical or more challenging. A July VMware Carbon Black report found 94 percent of organizations worldwide suffered a data breach1 from March 2019 to March 2020. Security operations teams need detection capabilities that go beyond discovering malicious software to discovering software being used maliciously. They need a broader set of “camera angles” that include endpoint, workload, network, user, and application. And they need a more holistic approach to responding to those threats given the connected nature of workloads and the applications they compose.

Extended Detection and Response (XDR) is the opportunity to do just that: provide a unified approach to security incident detection and response that can leverage multiple domains – from endpoint to workload to user to network. VMware is announcing its approach to XDR as part of a multi-year effort to build the most advanced and comprehensive security incident detection and response solutions available. The strategy leverages a combination of security technologies and platform integrations to create an XDR solution that is both extensible and intrinsic. The VMware XDR effort will include cross-platform integrations from various solutions including Workspace ONE, vSphere, Carbon Black Cloud, NSX Service-defined Firewall and more.

Security for the Distributed Workforce

The distributed workforce introduces a number of challenges ranging from employee on-boarding, visibility and compliance, security, employee safety and more. In order to address these challenges and successfully embrace the future of work, organizations need to re-think how they approach security, experience and operational complexity associated with the IT environment. Security must not only be intrinsic, it needs to be thought of in the context of employee experience to maximize productivity and engagement. To enable that differentiated approach, VMware today introduced, expanded capabilities for the VMware SASE Platform, Workspace Security VDI and Workspace Security Remote.

The new solutions will deliver end-to-end zero trust security controls, and simplified management – where VMware’s Secure Access Service Edge, Digital Workspace and Endpoint Security technologies work harmoniously across any application on any cloud to any device. For more information, please visit: VMware Announces Future-Ready Workforce Solutions to Address the Needs of the Distributed Workforce.

VMware NSX Advanced Threat Prevention

This expanded offeringwill bring together sandboxing, network traffic analysis and network detection and response capabilities acquired from Lastline with the NSX Firewall. VMware NSX Advanced Threat Prevention uses AI-powered network traffic analysis to analyze network traffic and uncover anomalous activity caused by an active threat in the network. These NTA capabilities use unsupervised and supervised machine learning models to accurately identify threats and minimize false positives compared to other network traffic analysis tools. The solution delivers an industry-first ability to apply virtual patches at every workload, something traditionally only implemented at the perimeter for advanced security for distributed workforces.

One-Click Integrations with Zscaler

VMware and Zscaler are introducing new end-to-end visibility and protection for distributed workforces. The one-click integrations will enable mutual customers to stop zero-day threats from impacting endpoints and enable true zero trust conditional access to internal applications.

The flexible prevention policies and endpoint response actions of VMware Carbon Black combined with the advanced threat protection, sandboxing, better secure private applications access capabilities, and visibility into files and corporate assets of Zscaler Zero Trust Exchange provide an endpoint-to-cloud solution that identifies risk across any environment. This mutual solution also prevents those risks from impacting endpoints, enables zero trust conditional access to internal applications, and automatically responds in real-time to any activity found to be malicious.

Supporting Quote

“As we quickly transitioned to a fully distributed workforce, it was critical for our security posture to align with the prominence of this moment and the critical role Zoom played in business continuity for our customers,” said Aparna Bawa, chief operating officer, Zoom. “The collaboration with VMware delivers a more secure digital workspace and enables endpoints in our organization to be better safeguarded and compliant with IT security policies.”

Product Availability

VMware Carbon Black Cloud Workload is expected to be available in November 2020. The Carbon Black Cloud module for hardening and securing Kubernetes workloads is expected to be available in December 2020.

Additional Resources

News at VMworld 2020

Read a summary of today’s news from Chris Wolf: VMworld 2020: Innovating with the Expectation of Change

About VMware

VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernization, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit https://www.vmware.com/company.html.

VMware, vSphere, NSX, Workspace ONE, VMworld, Carbon Black, VMware vCenter, VMware Cloud Foundation, VMware SASE Platform, VMware Workspace Security, NSX Service-defined Firewall, and VMware Carbon Black Cloud Workload are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.

  1. VMware Carbon Black, “Global Threat Report: Extended Enterprise Under Threat,” July 14, 2020.

 

Samantha Mayowa
VMware Global Communications
[email protected]
+1 (781) 552-3062

Jessica Bettencourt
InkHouse
[email protected]
+1 (774) 451-5142

Source: VMware, Inc.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Where Are the 'Great Exits' in the Data Security Market?
Dave Cole, Cofounder and CEO, Open Raven,  10/13/2020
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7747
PUBLISHED: 2020-10-20
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller.
CVE-2020-7748
PUBLISHED: 2020-10-20
This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.
CVE-2020-7749
PUBLISHED: 2020-10-20
This affects all versions of package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, it is possible for an attacker to inject arbitrary HTML/JS code and depending on the context. It will be outputted as an HTML on the page wh...
CVE-2020-5640
PUBLISHED: 2020-10-20
Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors.
CVE-2020-15256
PUBLISHED: 2020-10-19
A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. The vulnerability is limited to the `includeInheritedProps` mode (if version >= 0.11.0 is used), which has to be explicitly enabled by creating a new instance of `object-path` and settin...