sb-as logo
Story image

VMware & Carbon Black team up on new data center security solution

12 Dec 2017

VMware and Carbon Black are expanding their partnership to deliver a solution that aims to transform current approaches to cloud and data center security.

The new joint, cloud-based security solution shrinks an organisation’s attack surface while supplying security teams with automated threat detection and remediation.

It combines VMware AppDefense and Cb Defense’s advanced threat protection to provide a “one-two punch” for stopping threats to applications inside the data center.

VMware AppDefense leverages the power of the virtual infrastructure to create least privilege environments around applications.

This enforces system integrity using the hypervisor, provides visibility into the intended state and behaviour of applications, and monitors state and behaviour from a protected position.

Meanwhile, Cb Defense runs on the Predictive Security Cloud to provide next-generation endpoint protection that applies behavioral approaches to detect threats.

It uses streaming prevention to monitor for malicious behaviour on a machine to protect against malware and non-malware based attacks.

“Carbon Black and VMware will deliver a new model for security that marries complementary components, combined in ways that fully leverage the unique properties of virtualization and cloud to help protect organisations that was previously not possible,” comments Tom Corn, senior vice president, Security Products at VMware.

“With this new joint solution, data center endpoints can be strengthened with system integrity and least privilege, critical applications and data are safe from both non-malware and malware attacks and Security Operations will be empowered to react faster and more effectively than before.”

Moreover, the joint solution combines three key elements to advance cloud and data center security:

Enforcing Known Good Application Behaviour

The solution leverages virtual infrastructure to have an authoritative understanding of how data center endpoints are meant to behave and is the first to know when changes are made.

This contextual intelligence will remove the guesswork involved in determining which changes to processes, executables, and operating systems inside a given data center endpoint are legitimate and which indicate real threats.

Detecting Unknown Threats

The solution will leverage application context to perform advanced behavioural threat detection to provide additional protection beyond least privilege.

Any threat that isn’t prevented by locking down the application’s behaviour is picked up by Carbon Black’s Streaming Prevention – a next-gen threat detection technology that uses event stream processing to correlate multiple events over time to indicate the presence of a threat.

Additionally, users can see threat activity in real time, visualize the attack chain to see what attackers are trying to do, and respond immediately to shut down attacks in progress.

Automating and Orchestrating Response

Once a threat is identified, the solution provides a full understanding of application context during investigation, and will use the virtual infrastructure to deliver a library of responses, ranging from suspending or snapshotting a VM, to quarantining the compromised machine.

Carbon Black’s CEO Patrick Morley says, “Cloud and virtualization provides enterprises with new security opportunities that go beyond traditional approaches.”

“Carbon Black and VMware are uniquely capable of moving beyond point security solutions to give enterprises a more robust and holistic approach to securing mission critical applications running in the data center.”

“We are looking forward to the opportunity to help businesses around the world running more than 60 million VMs achieve the highest levels of security.”

Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Surfshark rolls out WireGuard open source VPN protocol
When there is less code in a VPN, it is less susceptible to security vulnerabilities due to easier configuration and management, according to Surfshark.More
Link image
How to head off a rise in DDoS attacks
Many businesses invest in costly DDoS mitigation and protection solutions, but few test them. NCC Group tests all environments and is one of only two AWS DDoS Test Partners. Claim 10% off your next DDoS service today.More
Link image
Why the threat of ransomware requires quality resources to keep it at bay
With this ransomware prevention kit, learn actionable tactics for IT departments on how to manage backups and enable staff so that ransomware is a managed and controlled risk.More
Story image
Insider threat report reveals deception in the workforce
Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.More