Customer Challenge
VMware Cloud™ on AWS allows organizations to extend their on-premise VMware deployment to the AWS Cloud to create an extended Hybrid Cloud deployment. However, the dynamic nature of the cloud makes management of both cyber risks, and compliance risks, a real challenge, as workloads get distributed within this environment. Customers desire a single risk management control plane to manage compliance needs and risks from cyber threats, with a unified view across their hybrid cloud workloads.
Introduction
VMware Cloud™ on AWS allows organizations to extend their on-premise VMware deployment to the AWS cloud to create an integrated hybrid cloud deployment. Caveonix RiskForesight™ platform provides proactive workload protection from risks due to cyber threats as well as regulatory compliance issues.
RiskForesight is Partner Ready and fully validated for VMware Cloud™ on AWS.
Solution Deep Dive
Enterprises need a proactive and vigilant approach for protecting workloads from cyber threats and maintaining continuous compliance requirements across the hybrid cloud. Protecting these workloads requires an understanding of what workloads are deployed, how they may be subject to the latest threats, and how to ensure continuous regulatory compliance. RiskForesight’s ability to proactively identify risks due to cyber threats and compliance control failures provides a significant Return on Investment (ROI) by implementing real-time active defense of the customer’s hybrid cloud, ensuring their workloads are secure and compliant.
RiskForesight consists of three main modules: Detect, Predict and Act. The automation implemented by the Detect, Predict and Act modules enables scalable, secure operations that are difficult to achieve manually. RiskForesight Compliance Regulations include: PCI, HIPAA, ISO, FFIEC, FedRAMP Low-Mod-High, NIST/FISMA, GDPR, and NESA.
The Detect module provides real-time visibility into what is running in the hybrid cloud through native integration into the cloud orchestration platforms based on the VMware technology stack, such as vCD, vRA, vSphere, and NSX. VMware Cloud™ on AWS extends this same technology stack by giving organizations a consistent operating model and application mobility for the public cloud on AWS. It maps all of the customer’s assets and information flows to know precisely when a container or application is spinning up or down, and what is happening to those workloads.
The Predict module uses RiskForesight’s CaveoIQtm predictive analytics algorithm. CaveoIQ runs predictive analytics and machine learning to ensure security, network, compliance, and policy enforcement, and builds quantitative risk mitigation models for each hybrid cloud workload. CaveoIQ uses these quantitative models to identify the 20% risk reduction steps that will deliver the most risk reduction, followed by the next 20%, and so forth. The proactive modeling and prioritization of actions allows operators to focus on the greatest impact with the minimal resources to avoid costly recovery operations after an attack. An ounce of prevention is always better than a pound of cure.
Finally, the Act module takes the risk mitigation models and allows manual actions, semi-automated, and active automated defense to quarantine a particular endpoint or shut down an endpoint based on a risk threshold.
RiskForesight is now available through the VMware Cloud Provider Program. The program includes value-added solutions from VMware and its partners that are delivered on a PAYGO license rental basis to customers through its Cloud Provider Partners. Caveonix’s RiskForesight platform is available for any VMware Cloud Provider Program partner to consume through the program and enables multiple value-added service offerings for the service provider.
