Can VMware become a leading cybersecurity vendor?

CSO | August 27, 2019

When you think about VMware and cybersecurity, two products have always stood out. NSX, which has evolved into a common micro-segmentation tool for east/west traffic within ESXi, and AppDefense, which monitors applications, determines “normal” behavior, and detects anomalies. Now, VMware has other security capabilities, but few cybersecurity pros know a thing about them. Why? Because despite its strong technology, VMware has never established itself as a cybersecurity vendor. Many VMware salespeople have a cursory understanding of the company’s security capabilities, while partners often complain that beyond its Palo Alto, California, headquarters, VMware isn’t proficient at driving security go-to-market programs with channel partners or its global sales organization.

Spotlight

Get a fresh perspective on your IT challenges at the new briefing center in Palo Alto, California. The Discovery Center is truly special—an immersive briefing experience designed to match you with VMware experts who can help you solve unique challenges and walk away with a clear picture of what to do next. Here’s what you can expect: immersive working sessions with VMware experts and strategists, information on the latest technologies and trends relevant to you, and tools to help you create a custom strategy based on your business challenges and objectives.

Spotlight

Get a fresh perspective on your IT challenges at the new briefing center in Palo Alto, California. The Discovery Center is truly special—an immersive briefing experience designed to match you with VMware experts who can help you solve unique challenges and walk away with a clear picture of what to do next. Here’s what you can expect: immersive working sessions with VMware experts and strategists, information on the latest technologies and trends relevant to you, and tools to help you create a custom strategy based on your business challenges and objectives.

Related News

VIRTUAL DESKTOP TOOLS

VMware Report Warns of Deepfake Attacks and Cyber Extortion

VMware | August 09, 2022

At Black Hat USA 2022, VMware, Inc. released its eighth annual Global Incident Response Threat Report, which takes a deep dive into the challenges faced by security teams amid pandemic disruptions, burnout, and geopolitically motivated cyberattacks. Sixty-five percent of defenders state that cyberattacks have increased since Russia invaded Ukraine, according to report findings. The report also shines a light on emerging threats such as deepfakes, attacks on APIs, and cybercriminals targeting incident responders themselves. “Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls,” said Rick McElroy, principal cybersecurity strategist at VMware. “Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environment.” Additional key findings from the report include: Cyber pro burnout remains a critical issue. Forty-seven percent of incident responders said they experienced burnout or extreme stress in the past 12 months, down slightly from 51% last year. Of this group, 69% (versus 65% in 2021) of respondents have considered leaving their job as a result. Organizations are working to combat this, however, with more than two-thirds of respondents stating their workplaces have implemented wellness programs to address burnout. Ransomware actors incorporate cyber extortion strategies. The predominance of ransomware attacks, often buttressed by e-crime groups’ collaborations on the dark web, has yet to let up. Fifty-seven percent of respondents have encountered such attacks in the past 12 months, and two-thirds (66%) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail. APIs are the new endpoint, representing the next frontier for attackers. As workloads and applications proliferate, 23% of attacks now compromise API security. The top types of API attacks include data exposure (encountered by 42% of respondents in the past year), SQL and API injection attacks (37% and 34%, respectively), and distributed Denial-of-Service attacks (33%). Lateral movement is the new battleground. Lateral movement was seen in 25% of all attacks, with cybercriminals leveraging everything from script hosts (49%) and file storage (46%) to PowerShell (45%), business communications platforms (41%), and .NET (39%) to rummage around inside networks. An analysis of the telemetry within VMware Contexa, a full-fidelity threat intelligence cloud that’s built into VMware security products, discovered that in April and May of 2022 alone, nearly half of intrusions contained a lateral movement event. “In order to defend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats, When security teams are making decisions based on incomplete and inaccurate data, it inhibits their ability to implement a granular security strategy, while their efforts to detect and stop lateral movement of attacks are stymied due to the limited context of their systems.” Chad Skipper, global security technologist at VMware Despite the turbulent threat landscape and rising threats detailed in the report, incident responders are fighting back with 87% saying that they are able to disrupt a cybercriminal’s activities sometimes (50%) or very often (37%). They’re also using new techniques to do so. Three-quarters of respondents (75%) say they are now deploying virtual patching as an emergency mechanism. In every case, the more visibility defenders have across today’s widening attack surface, the better equipped they’ll be to weather the storm. Methodology VMware conducted an online survey about trends in the incident response landscape in June 2022, and 125 cybersecurity and incident response professionals from around the world participated. Percentages in certain questions exceed 100 percent because respondents were asked to check all that apply. Due to rounding, percentages in all questions may not add up to 100 percent. VMware Explore In addition to VMware’s presence at Black Hat USA 2022, there will be more than 100 security talks at VMware Explore, the global multi-cloud industry event taking place August 29 – September 1, 2022 at Moscone Center in San Francisco. Register today to begin building your agenda. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More

VIRTUAL DESKTOP TOOLS

Fungible Storage Cluster Now Supports VMware vSphere

Fungible | June 08, 2022

Fungible Inc., the dynamic composable infrastructure business, today announced the launch of Fungible Storage Cluster® (FSC) 4.1, which adds support for high-performance VMware vSphere settings. In managing complex and dynamic computational environments, virtual machines give unrivaled flexibility. Storage needs for workloads operating in virtualized environments can vary. Fungible's high-performance all-flash array based on NVMe/TCP is now vSphere certified and available for VMware virtualized environments for demanding applications. Customers can now enjoy the improved management of vSphere paired with the excellent performance of Fungible's Storage Cluster thanks to the newest version (4.1). Marc Fleischmann, Cloud CTO, VMware said that "NVMe/TCP enables vSphere customers to accelerate their storage performance while leveraging existing investments and lowering complexity. Through collaboration with innovative companies such as Fungible, VMware continues to build a world-class ecosystem of technology partners that offer our customers flexibility and choice to meet their business requirements.” Customers can use NVMe/TCP to connect FSC storage into their ESXi hosts and obtain what looks to be local storage. Even though it is a shared resource, the resultant performance is essentially comparable to local storage, and the cost advantages mirror the performance benefits. Eric Burgener, Research Vice President, Infrastructure Systems, Platforms and Technologies at IDC said that “VMware vSphere is the virtualization infrastructure of choice for a variety of mission-critical, performance-sensitive workloads in the data center. As IT organizations deploy more workloads that require accelerated compute and storage, the use of composable, disaggregated infrastructure (CDI) like that available from Fungible will be deployed more often to enable the more efficient use of these types of resources in VMware environments. IDC expects that the CDI market overall will top $4.8 billion by 2025.” “VMware has long led the drive to improve flexibility and utilization of data center infrastructure. Now with the latest release of our vSphere certified Fungible Storage Cluster, VMware users can further enhance their ability to tune demanding workloads to get the utmost performance and flexibility. Trade-offs of flexibility versus performance are no longer required. Pairing VMware with NVMe/TCP for storage access with our DPU-powered Storage Cluster allows VMware customers to address the performance requirements of today's modern applications.” Pradeep Sindhu, Co-Founder and CDO of Fungible FSC may also result in storage cost reductions for vSphere users since its erasure coding offers comprehensive data protection at a lower cost than typical RF1 or RF2 replication. Moreover, Fungible's composable data architecture allows for the flexibility to compose storage to suit current demands and recompose it to adjust to the changing needs, giving exceptional investment protection.

Read More

VMWARE

XDR Alliance Welcomes New Member VMware

EXABEAM | June 07, 2022

Today, the XDR Alliance welcomed VMware as a new member. This is the alliance's newest cybersecurity innovator to join and proclaim a commitment to an open, inclusive, and collaborative extended detection and response (XDR) architecture. By bringing expertise in endpoint, workload, and network security efficacy, as well as developing threat detection capabilities, VMware expands the alliance's technological reach. Gorka Sadowski, chief strategy officer, Exabeam and founder of the XDR Alliance said that “We are thrilled to add VMware to the XDR Alliance as we continuously work towards improving security for the industry at large. Most of today’s cyber attacks feature advanced tactics such as lateral movement that target legitimate tools to inflict damage. By welcoming VMware to the XDR Alliance, we can utilize its endpoint, workload, and network security expertise to drive the open XDR mission forward and ensure it is addressing these sophisticated threats.” “Carbon Black was one of the earliest pioneers of endpoint detection and response (EDR) which fundamentally transformed security by acknowledging comprehensive telemetry is essential to defending against evolving attacks. XDR expands this concept beyond the endpoint to enable better detection, investigation, and response. Rather than building walled gardens that lock customers in, VMware believes in aligning to how customers buy and use security solutions today to enable a multi-vendor XDR solution that is far better than what any one company or closed partner program can provide.” Jason Rolleston, VP, Product Management, VMware The Charter of the XDR Alliance The XDR Alliance's charter is to define and encourage an open XDR framework and architecture that works best for end users; to assist SecOps teams in better integrating new and evolving applications and technologies; to make it easier for SecOps teams to deliver on the value-add use cases that their organizations need; to ensure interoperability across the XDR security vendor solutions set; and to join forces on XDR market education and awareness. Members of the XDR Alliance represent complementary technologies in security analytics, security information and event management (SIEM), endpoint, email, identity, cloud, network, and OT/IoT security and threat intelligence, and they work together to provide open XDR and threat detection, investigation, and response (TDIR). Managed security service providers (MSSPs), managed detection and response services (MDRs), and systems integrators are also alliance subcategories (SIs). Armis, CyberArk, Exabeam, Expel, ExtraHop, Google Cloud Security, Mimecast, Netskope, Recorded Future, SentinelOne, and VMware are among the founding and new members of the XDR Alliance.

Read More