VMware Enhances Its Unique Lateral Security for Multi-Cloud

VMware Enhances Its Unique Lateral Security for Multi-Cloud

June 6, 2022 Off By David

VMware Inc. announced significant  enhancements to its unique lateral security capabilities to help customers achieve strong security for both modern and traditional applications, across multi-cloud environments. Ahead of  RSA Conference 2022, VMware introduced Contexa, VMware’s full-fidelity threat intelligence capability that observes the breadth of VMware’s network, endpoint, and user technologies. With Contexa, VMware is reframing traditional security analytics with enriched threat intelligence  to enhance its security and management portfolio. 

“Threat actors are increasingly deploying sophisticated infiltration tactics, including the use of  stolen credentials in order to exploit vulnerabilities and hide in the noise of normalcy,” said Tom  Gillis, senior vice president and general manager, Networking and Advanced Security Business  Group, VMware. “In a world where the stakes in security continue to rise, lateral security has  become the new battleground. Combining VMware Contexa with our architectural advantage,  VMware exclusively sees every process running in an endpoint, every packet crossing the  network, every access point, and the inner workings of both traditional and modern apps to  identify and stop threats others can’t.” 

VMware Contexa Leaves Attackers with Nowhere to Hide 

VMware Contexa is a full-fidelity threat intelligence cloud that sees what other solutions don’t  and stops what other solutions can’t. With a privileged position in the infrastructure, Contexa observes and understands the inner workings of both modern and traditional apps every step of  the way- from user, to device, to network, to run time, to data.  

VMware Contexa records and processes over 1.5 trillion endpoint events and over 10 billion network flows daily, along with strategically curated threat intelligence data captured through  technology partnerships. This rich context is further analyzed using machine learning and insights of over 500 researchers across VMware’s Threat Analysis Unit and incident response  partners. Today, Contexa uncovers over 2.2 billion suspicious behaviors daily, achieving zero  touch detection and automated, graduated response for over 80 percent of these events. 

Integrated into every VMware security product, Contexa will be available to all new and existing customers at no additional cost. The company that pioneered virtualization, now protects VMs  like no other-and is driving innovation in modern application security. 

An Innovator in App Modernization Secures Apps at Scale 

VMware Tanzu is a trusted partner for companies in their app modernization journey, helping  them build, operate, and better secure modern applications at scale on any cloud. Today,  VMware announced further enhancements to its Modern Apps Connectivity Services (MACS)  solution that allows customers to build security into the full application lifecycle. With VMware Tanzu Service Mesh’s capabilities, customers now gain deep visibility and insights into the inner  workings of application micro-services as they interact with each other via internal (East-West)  APIs-and help to better protect them. VMware Contexa allows Tanzu Service Mesh to  understand the context of the internal traffic flows, and therefore more accurately identify  legitimate internal traffic from the internal movement of attacks such as ransomware.

A Pioneer in Virtualization Protects VMs Like No Other 

A leader in virtualization, VMware has introduced innovative and powerful distributed security  capabilities for its multi-cloud platform over the years, allowing the company to make customer  workloads more secure on VMware clouds. As innovations in server virtualization have driven  higher virtual machine densities on a single physical server, less lateral traffic is visible to a  network tap. This makes it difficult for a Security Information and Event Management (SIEM)  technology or security analytics solution to identify lateral security threats by analyzing sampled  data such as network flow records or selected network traffic taken from taps.  

VMware has introduced new capabilities to help customers identify and respond to malware and  ransomware attacks in the network by integrating its advanced intrusion detection & prevention  (IDS/IPS) and Network Traffic Analysis (NTA) directly into the virtualization layer with VMware  NSX. These new enhancements, powered by VMware Contexa, now inspect and analyze every  packet and every process to provide extremely high-fidelity alerts that other systems relying on  sampled data cannot match. 

Anywhere Workspace Platform Advances Security for Employee Devices

New innovations to VMware Workspace ONE will make it easier for IT teams to manage and  better secure all employee devices, while contributing to Contexa’s rich data set. VMware is  today introducing Workspace ONE Mobile Threat Defense, which incorporates technologies  from Lookout, a leader in the mobile security space. The new offering will help protect  employees’ mobile devices from a wide range of application, device, and network-originated  threats. Workspace ONE Mobile Threat Defense can be activated within Workspace ONE  Intelligent Hub. For IT, this means there are no separate apps or agents to download or deploy,  and vital information – including alerts and suggested resolutions – is conveyed via a resource  that employees use for daily work. 

VMware is also introducing new Workspace ONE capabilities that will make managing  updates/patches even easier and elevate the security posture of Windows devices. For  instance, the new capabilities will enable IT to automate critical updates to pre-approved  groups, hand test patches more likely to create issues, and pause or rollback patches if an issue  is detected. Further Workspace ONE enhancements are detailed here.