At VMworld 2017, VMware has announced its breakthrough solution for securing applications running on virtualized or cloud environments – VMware AppDefense. This new security solution leverages the virtual infrastructure to monitor running applications against their intended state, and can detect and automate response to attacks that attempt to manipulate those applications. Additionally, integrations with third-party solutions will enable a partner ecosystem to leverage VMware’s AppDefense unique application visibility and response orchestration.
“The growing frequency and cost of security incidents points to a fundamental flaw in security models that focus solely on chasing threats,” said Tom Corn, Senior Vice-President, Security Products, VMware. “AppDefense delivers an intent-based security model that focusses on what the applications should do – the known good – rather than what the attackers do – the known bad. We believe it will do for compute, what VMware NS and micro-segmentation did for the network; enable least privilege environments for critical applications.”
An intent-based security model is made possible through –
* Increased use of automation in application and infrastructure provisioning
* Use of application frameworks that provide richer and more authoritative views of intended state
* Application of machine learning that enables the ability to reason about state and behaviour across large populations
* Increased use of virtualization and cloud, which provides greater application context and isolation
Leveraging VMware vSphere gives AppDefense several unique capabilities. First, it is in a unique position to see rich application context; both run state and provisioned state. Second, it can leverage the hypervisor to create a protected zone from which to store intended state and monitor runtime behavior. Third, it can leverage vSphere and NSX to automate and orchestrate response. The result is that AppDefense can significantly reduce the attack surface, making threat identification and response more efficient, and creating a more agile DevOps-friendly model for security.
“A security model concentrating on appropriate application behavior can help shrink the attack surface and improve the ability to pinpoint real threats,” said Jon Oltsik, Senior Principal Analyst and the founder of ESG’s cybersecurity service. “With this focus on intended state behaviour, AppDefense offers a productive alternative to traditional application and endpoint security. In this way, VMware AppDefense is shifting the focus from simply securing the virtual infrastructure, to using vSphere capabilities as creative enhancements to applications and infrastructure security.”
AppDefense enables customers to improve the effectiveness of existing security controls. Endpoint security, security information and event management (SIEM) and Security Operations Center Analytics are able to integrate with AppDefense to gain unique application context, leverage the virtual infrastructure for remediation, and protect their own position on the endpoint. Managed Security Service Providers (MSSPs) are able to build new data center and cloud security offerings around AppDefense.
Tags: VMworld 2017, VMware, VMware AppDefense, VMware vSphere, cybersecurity, Endpoint security, SIEM, Managed Security Service Providers, AppDefense
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
