VMware to Acquire Lastline, Anti-Malware and AI-Powered Network Detection

By David Marshall

The VMware spending spree continues, with the virtualization giant adding another security play to its bag of tricks.  VMware has agreed to purchase anti-malware research and AI-powered network detection and response pioneer, Lastline.  The acquisition will help VMware deliver on its vision of Intrinsic Security, as it will allow the company to further take advantage of the intrinsic attributes of its virtualization platform to yield innovative security capabilities.

This further expands VMware into the cybersecurity market, as Lastline joins VMware’s Carbon Black acquisition from nine months earlier, the next-generation endpoint security vendor it purchased for $2.1 billion.

VMware plans on leveraging Lastline to help increase the capabilities of Carbon Black and its Threat Analysis Unit (TAU).  The new addition will allow VMware to continue to foster their deep understanding not just of the threat, but of the motivation and tactics behind the threat.

Beyond the technology, VMware is also gaining what it calls, “a world class team of network-focused anti-malware researchers and developers, and go-to-market security experts, into the NSX team.”  According to Tom Gillis, SVP and GM, Networking and Security Business Unit at VMware, “Lastline boasts several of the top 10 most published security threat researchers globally, and the Lastline team has been credited with bringing structure and rigor to the world of malware research.  This is reflected in the fact that the Lastline team has 15 PhDs and academics on staff.”

“By joining forces with VMware, we will be able to offer additional capabilities to our customers and bring to market comprehensive security solutions for the data center, branch office and remote and mobile users,” said Lastline CEO John DiLullo.

Lastline’s core product is a malware sandbox that uses full-system emulation to look at every instruction the malware executes, which Gillis claims will yield a deeper understanding of how the malware works, which allows the Lastline team to also detect and block the many derivates of malware families.

“As a result, Lastline’s system detects twice the number of malicious files as a signature-based system,” explains Gillis.  “Lastline detonates more than 5 million file samples daily, and the Lastline technology protects more than 20 million users across 1000’s of organizations around the world, including 5 of the 10 largest financial institutions.  Many of the most recognized online applications including online payments, financial management, tickets, retail, and streaming media are protected by the Lastline platform.”

An interesting play for Lastline will come in the form of VMware NSX.  Gillis explains the NSX architecture will allow Lastline to perform network analytics at massive scale, across tens of thousands of cores, without the burden of tapping network traffic.  And VMware plans to combine that context with the deep understanding of the host that is currently provided by Carbon Black.

“Lastline malware analysis will become a critical feed for our Carbon Black EDR and NGAV platform,” said Gillis.

DiLullo said the combined company will bring to market comprehensive security solutions for the data center, branch office and remote and mobile users.  In recent years, his company has enjoyed tremendous growth and acclaim for its AI-based threat detection capabilities, and recognition for its success with their Network Detection and Response (NDR) and Public Cloud security solutions.

“There are few security companies that have the breadth of network and endpoint capabilities as we expect the combined Lastline and VMware will have,” states DiLullo.

Terms of the transaction, which is expected to close by July 31st, were not disclosed.  But, the deal has been approved by the boards of both VMware and Lastline, with the deal now subject to certain regulatory approvals.

##

About the Author

David Marshall is an industry recognized virtualization and cloud computing expert, an eleven time recipient of the VMware vExpert distinction, and has been heavily involved in the industry for the past 20+ years.  To help solve industry challenges, he co-founded and helped start several successful virtualization software companies such as ProTier, Surgient, Hyper9 and Vertiscale. He also spent a number of years transforming desktop virtualization while at Virtual Bridges.

David is an author of two very popular server virtualization books and the Technical Editor on Wiley’s “Virtualization for Dummies” and “VMware VI3 for Dummies” books.  David authored countless articles for a number of well known technical magazines, including: InfoWorld, Virtual-Strategy and TechTarget.  In 2004, he founded the oldest independent virtualization and cloud computing news site, VMblog.com, which he still operates today.

Follow David Marshall

Twitter: @vmblog
LinkedIn: https://www.linkedin.com/in/davidmarshall
Blog: https://vmblog.com