VMware Intrinsic Security Vision – RSAC 2020 Update

At last year’s RSA Conference, VMware made headlines with the launch of the Service-defined Firewall, which focuses on reducing the attack surface inside the network perimeter and protecting workloads across multi-cloud environments. At VMworld 2019, we introduced a distributed intrusion detection and prevention (IDS/IPS) for our Service-defined Firewall, followed by the acquisition of Carbon Black aimed to strengthen our endpoint protection capabilities. Since then, we have made a consistent push towards offering a security solution that is intrinsic from the endpoint to the cloud.

3 Big Obstacles in Cybersecurity

Our vision of intrinsic security is designed to disrupt three fundamental problems in cybersecurity.

1. Security is bolted-on: On average, enterprises use 80 different security products¹. This is the consequence of security teams being brought on after the infrastructure has been built and applications already deployed. Continuing to conduct business in a scale first, security later mindset will result in a growing list of security add-ons that will lead to more problems in the future.
2. Security is siloed: While InfoSec teams typically spearhead security, they should not be the only group involved. In order to establish a holistic overview of the vulnerability landscape, there needs to be a collective effort distributed across infrastructure, desktop services, network, DevOps teams, and more. Additionally, the various toolsets these teams use are just as siloed. Remediation, vulnerability management, validation tools for hardening; firewalls, secure access, and encryption for prevention; IDS, EDR, and AV for detection/response are usually treated as separate processes. Instead, they must be viewed as interconnected use cases integrated to feed each other.
3. Security is too threat-centric: The adage, “you cannot manage what you don’t understand,” holds true for security. Without having an adequate understanding of applications, data, and the supporting infrastructure, it will be nearly impossible to establish an effective security posture. Unfortunately, the security industry has done the opposite: focusing heavily on threat hunting without first attaining a thorough understanding of the environment. As a result, aligning controls, correlating alerts, and investigating warnings have become disjointed.

Shifting Cybersecurity Perspective – What Needs to Happen? 

Rather than being an afterthought – a bolted on agent that is introduced to mitigate the latest breach – security must be built-in. It should be able to leverage the existing infrastructure to deliver and support applications without compromising visibility and configured policies.

Intrinsic Security Solutions from Endpoint to Cloud 

With our growing security solutions, VMware transforms these 5 points of vulnerability into security controls.

1. Workload Security – Protect workloads from advanced threats through embedded security in the hypervisor. Using the VMware Carbon Black Workload, improve application security without compromising availability and performance with automated threat monitoring and response to changes in app behavior.
2. Cloud Security – Get real-time insight into cloud resources, misconfigurations, threats, and change activity. With VMware Secure State, prioritize findings based on risk, automatically remediate issues, and collaborate with developers.
3. Network Security – Secure east-west network traffic through segmentation and virtualize your entire security stack using VMware Carbon Black Workload. You can mitigate risk, ensure compliance, and lower costs while vastly simplifying the operational model of firewalls.
4. Identity and Access Management – Integrate access control, application management, and multi-platform endpoint management into a single platform to secure your digital workspace with VMware Workspace ONE Intelligence and Carbon Black.
5. Endpoint Security – Secure the endpoint through intelligent system hardening and adaptive prevention. Consolidate multiple endpoint security capabilities and simplify your security stack for faster and more effective security operations with the VMware Carbon Black Endpoint Standard.

As mentioned, VMware’s security stack establishes security as an intrinsic component that traverses from endpoint to cloud, leveraging the infrastructure to provide visibility for your apps, users, and devices. Combined with advanced threat detection and response capabilities, we are able to deliver a unique and more effective approach to security.

VMware Sessions at RSAC 2020 

Keynote: Rethink the Way You Secure Your Organization with Intrinsic Security
Featuring Sanjay Poonen, COO, Customer Operations, VMware | Patrick Morley, SVP/GM, Security Business Unit, VMware | Carrie Mills, Senior Manager, Cybersecurity, Southwest Airlines

Breakout Session: Unshackle Legacy Security Restrictions for 2020 and Beyond
Featuring Tom Gillis, SVP/GM, Networking & Security Business Unit, VMware

Breakout Session: 2020 ATT&CK Vision: Correlating TTPs to Disrupt Advanced Cyberattacks
Featuring Greg Foss, Senior Threat Researcher, VMware Carbon Black | Rick McElroy, Principal Security Strategist, VMware Carbon Black

Breakout Session: 7 Steps to Maintain Security across Your Dynamic Cloud Estate
Featuring Jason Needham, Sr. Director of PM – Cloud Security, VMware

Meet with VMware Security Executives: Want to learn more about how you can leverage our vision of Intrinsic Security? Register for exclusive meetings with our security executives!