AppDefense: A sophisticated solution for threat detection and response
More than ever, businesses are relying on digital information and while they are spending more on security products, data breaches are still occurring at a startling rate1. The fallout from a data breach can have major impacts that extend from compliance and regulatory issues through to a drop in consumer confidence and loss of critical IP. Yet data is increasingly important for organizations to compete in the current marketplace and therefore data security cannot be ignored.
VMware’s newest security product, VMware AppDefense, enables organizations to tackle some of the challenges associated with keeping data safe. A data center endpoint security solution, VMware AppDefense embeds threat detection and response into the virtualization layer on which applications and data live. Because VMware AppDefense operates directly in the vSphere hypervisor, it accumulates an intuitive knowledge of the correct state and behavior of each endpoint, the ‘known good’, and has the ability to detect unauthorized changes as they happen.
By focusing on validation of the ‘known good’ parameters of an endpoint, VMware AppDefense tightens the process by removing the need to search the entire environment chasing ‘known’ or ‘unknown bad’ behaviors that may, or may not, indicate a threat. By reducing the occurrence of false positives, security teams can have a high degree of confidence that a detected anomaly is a true threat. And because VMware AppDefense sits in isolation from the attack surface, the threat of being compromised itself is reduced significantly.
How does VMware AppDefense help?
Application-Centric Alerting for the Security Operations Center (SOC)
AppDefense doesn’t produce a lot of alerts, but when it raises the alarm it’s smart to listen. Its authoritative alerts and automated response capabilities allow security administrators to focus on catching and eradicating threats from their environment, rather than sifting through noisy data and investigating threats that aren’t there.
Transforming Application Security Readiness Reviews
In the world of modern application development, apps are launched, changed and decommissioned rapidly. By the time a security team learns of a new application, it has often already changed. AppDefense creates a common source of truth between application teams and the security teams, streamlining the security review process.
The potential threat to businesses is real and the implications of having critical data compromised can be very costly and damaging. Organizations must ensure that the security services they have implemented across their platforms strengthen their network, applications, and data center endpoint positions.
To learn more about VMware AppDefense and our other Cloud Services, visit cloud.vmware.com/appdefense
Identity Theft Resource Center (ITRC), Data Breach Reports: 2016 End of Year Report, 2016