Enterprises are taking the opportunity to make smarter business decisions to increase productivity or provide new customer experiences with new applications at the edge. Increasing use of IoT devices, computer vision, augmented and virtual reality are accelerating the pace of transformations. As the number of users, devices, locations, and applications multiply, the entry points for cyber-attacks continue to increase. Security is a team sport that requires all aspects of prevention, inspection, detection, and mitigation working in lock step to protect assets and prevent ransomware attacks. To help our joint customers navigate this rapidly changing landscape, VMware and Microsoft are partnering to share VMware SASE™ data with Microsoft Security Copilot.
The VMware software-defined edge uses a flexible architecture that enables customers to share insights with third party generative AI solutions, including security solutions. When VMware and Microsoft customers take advantage of the Microsoft Security Copilot solution, security operations teams can detect threats, manage incidents, automate response, and improve security posture using the power of generative AI. This intelligent approach reduces complexity and tightens security posture at the edge.
VMware SASE: Intelligent and secure overlay
VMware SASE is the intelligent and secure overlay fabric of software-defined edge that connects services at the edge with other parts of the distributed digital infrastructure in a safe and secure manner. VMware SASE enables customers to protect their assets including data, applications, user-devices, IoT devices, and the network, with a comprehensive defense strategy. The solution protects these assets at the edge with stateful firewall inspection, IDS and IPS capabilities, and more. The solution uses principles of zero trust to provide access for users from any location to only those services and applications a user is allowed and nothing more.
VMware SASE gives security teams the ability to control access to internet applications and inspect content for malicious payloads using the latest threat signatures or isolating them in sandbox environment for further inspection. Cybersecurity professionals can control all activities undertaken by users when they access cloud applications with our Cloud Access Security Broker (CASB) capabilities while preventing sensitive data from leaving the enterprise perimeter with Data Loss Prevention (DLP) functions.
Security policies are configured centrally using VMware Edge Cloud Orchestrator™ and pushed to all the enforcement points, at the enterprise edge or in the cloud.
VMware SASE and Microsoft Security Copilot
Microsoft Security Copilot is a generative AI-based security analysis tool that enables analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. VMware SASE uses well-defined APIs and logs to share security related insights with the Security Information and Event Management (SIEM) services of Microsoft Sentinel. In so doing, the solution gives customers the choice to integrate these insights and data with Microsoft Security Copilot for security posture management, incident response and security reporting.
Solution benefits
VMware’s participation in the Microsoft Security Copilot partner program will help to augment security as the Microsoft solution learns from VMware SASE. The partnership will bring the following benefits to our joint customers:
Reducing complexity: SecOps does not have to look at multiple dashboards or interpret signals from multiple tools to analyze or respond to incidents. Defenders can respond to security incidents within minutes instead of hours or days.
Eliminating risks from human errors: Attackers actively look to take advantage of human errors in data security. Defenders can now discover malicious behavior and threat signals that could otherwise go undetected.
Addressing security skillset gap: Managing skillset gaps and balancing the budget is common for any enterprise today. But these challenges cannot slow down the pace of transformation. The joint solution answers security related questions by augmenting account information gathered from VMware SASE with information from other sources, internal and external, to derive insights that would otherwise be difficult to obtain.
With the proliferation of IoT devices, mobile devices, and cloud services, the enterprise edge has expanded and become more complex. The edge is both a critical line of defense and a potential point of vulnerability where many security challenges converge. The joint solution with VMware SASE and Microsoft Security Copilot will help cybersecurity professionals improve the quality of detection, speed up response times, and tighten security postures.
