Summary: VMware AppDefense continues to advance with new capabilities, new partnerships, international expansion, and increasing customer adoption


As worldwide spending on IT security climbs, Gartner forecasts worldwide security spending will reach$96 billion in 2018, up 8% from 2017(*).  This means the odds of falling victim to a data breach have risen to 1 in 4. Despite a multitude of security products on the market and large budgets to purchase them, businesses are not significantly safer. The commoditization of cyber crime has made it possible for virtually anyone with a computer to launch a sophisticated attack against a company and new attacks are being developed every day. This means the continued focus on chasing threats remains relatively ineffective to stamping out the broader challenges facing IT security.

This is a scary prospect for CISOs who are faced with securing the applications and data living in increasingly dynamic, distributed IT environments. And as more businesses embrace modern, agile application development processes, the problem of implementing security at the speed of the business is exacerbated – security is often seen as an obstacle to progress.

We created VMware AppDefense to address these very issues, with a unique approach that leverages the virtualization layer to protect applications by “ensuring good” rather than “chasing bad”. AppDefense leverages VMware’s unique position in the virtualization layer to understand what applications were provisioned or intended to do, and then monitors against that state.  If applications are manipulated, AppDefense can use the virtualization layer to automate response.  This new model is both simple and powerful, dramatically shrinking the attack surface, and providing richer context and controls for an organizations security controls.

And if you thought we’d stop just at the hypervisor, you were dead wrong.

Today we are excited to announce another major step forward for AppDefense, which is the ability to secure containerized workloads, demonstrating our continued commitment to securing applications running on any infrastructure. The AppDefense value proposition of providing foundational security for data center applications has resonated with customers. They want to apply AppDefense across the enterprise – which includes workloads running on VMware vSphere as well as container runtime platforms.  AppDefense is now the only solution that can now span both virtualized workloads and containerized workloads with a consistent approach to discovering context, setting rules, and managing alerts and remediation. By integrating container support into AppDefense customers can start to standardize least privilege enforcement across all of their applications. Let’s dig into this news a little more.

DevSecOps Changes the Rules of Engagement for IT Security

Due to advancements in the modern data center, applications and infrastructure evolve more quickly today than ever before. This creates a unique challenge for security teams.  The manual methods that security teams use to review and manage change can no longer keep pace when entire applications are being rebuilt and redeployed regularly. That means that if a security team was fortunate enough to understand what the application originally did (and could align security policy accordingly), they certainly don’t know what their application does today.

With AppDefense, we leverage these automation tools to our advantage. By integrating into the CI/CD pipeline with provisioning tools and automation frameworks, and aligning the expected state with runtime monitoring, AppDefense can maintain an authoritative map of intended state that stays in sync with agile application teams. This enables a DevSecOps approach.

This approach easily extends to containers which were born on automation and very declarative mechanisms for intended state; container manifests.  So by integrating into container security solutions we can extend our model into the cloud native world.

AppDefense has moved beyond just supporting VMware vCenter inventory to now include container workloads, running across all platforms (virtual servers, bare metal servers, and cloud platforms). AppDefense exposes an API to accept workload context from container orchestration systems, and also configure rules that are enforced by container security vendors running within the runtime environment. We are proud to announce that Aqua Security is the first partner with whom we are working in this area (read their news release here). Aqua provides runtime assurance for containers by evaluating and enforcing behavior when the container executes. They will send container context (“runtime profiles”) to AppDefense so that VMware will be able to manage/maintain security scopes across the data center. Aqua will also feed enforcement alerts into the AppDefense console for management and remediation. The Aqua Security integration will be generally available to AppDefense customers in VMware’s Q2 FY 2019.

Bringing the Unique AppDefense Value Proposition to Customers in Europe

The power of cloud-delivered security with AppDefense has shown a clear benefit to customers – but as with most cloud services its critical to maintain local data centers for performance and data sovereignty. European customers especially are facing increasing regulatory pressure related to data sovereignty. So we’re also excited to announce that AppDefense will be available to customers in Europe via support from European-based data centers beginning in VMware’s Fiscal Q2 (May 5 – July 3, 2018). The in-region datacenters for AppDefense will allow us to bring this critical cloud security service to more customers around the globe.

Progressive School District Delivers Next-Generation Security with AppDefense

Located near the city of Austin, Texas, Hutto Independent School District (ISD) is growing fast. Over the past 10 years, the school said the number of its students has increased from just over 1,000 at one K-12 campus to more than 7,000 students at 10 campuses. To meet new requirements for digital classrooms, the Hutto ISD Instructional Technology department said they must consistently improve opportunities for connected learning while keeping the district’s network and data secure. Hutto ISD said it needed to modernize its data center infrastructure and address critical security gaps without increasing its small IT team of nine employees. The district now leverages AppDefense with VMware NSX to improve network security with micro-segmentation and to protect servers from unknown threats. Watch this video to learn more about the Hutto ISD / VMware AppDefense story.

As we’ve seen, the vast majority of security problems today cannot be solved with a single product or technology, because they are more foundational and architectural in nature. With our continued advancements and growing momentum behind AppDefense, VMware is playing an even greater role in helping to make security an intrinsic part of the network and application fabric on which businesses are built.

Tom Corn

SVP and GM, Security Products, VMware





*Gartner Press Release, Gartner Forecasts Worldwide Security Spending Will Reach $96 Billion in 2018, Up 8 Percent from 2017, December 7, 2017