If you know Carbon Black, you know that we helped invent Endpoint Detection and Response (EDR) and pioneered the field of next-generation anti-virus (NGAV) and malware protection. If you know VMware, you know we helped invent virtualization and have championed moving core business servers and services into virtualized environments either on-premises or in the cloud.
Today, we are proud to announce the first new product line combining Carbon Black’s security expertise with VMware’s deep knowledge of the data center in all its forms.
Intrinsic Security
Our initial release of VMware Carbon Black Cloud Workload™ is designed to protect your critical servers and workloads that are hosted on the industry-leading and award-winning vSphere platform. Adapting VMware Carbon Black’s advanced security capabilities to virtualized workloads, and leveraging VMware’s intimate knowledge of virtualization, we’re delivering a unified cloud workload protection (CWP) solution that will enhance your security posture across all phases of the workload lifecycle. Whether you are developing new virtualized applications, automatically scaling and growing your existing applications, or monitoring your long-running workloads, VMware Carbon Black Cloud Workload can help you reduce risk and improve overall security posture.
In addition, our unique position of working with the vSphere teams allows us to take advantage of the full capabilities of the ESXi platform and the hypervisor to reduce administrative overhead and reduce the number of agents and systems you rely on to secure your workloads. With one solution that offers a full Security Operations Center view (our classic Carbon Black Cloud console) and vCenter plugins for the vSphere Admin, we are building bridges between distinct, distributed operational groups and accelerating the convergence of Security, Development and Operations into modern SecDevOps practices.
VMware Carbon Black Cloud Workload Capabilities
Intrinsic security is all about bringing the right data at the right time to the right user, all in a consistent and actionable fashion. VMware Carbon Black Cloud Workload is a testament to our Intrinsic security vision. We are delivering features that give the Security Analyst unprecedented insight into workloads, and we are also giving the vSphere Admin faster and easier access to the data necessary to identify risk, harden systems, and reduce the attack surface.
For Security Teams
For the security professional, VMware Carbon Black Cloud Workload provides visibility into areas that are traditionally hard to secure. Business-critical applications are often mission-critical and security can often be overlooked when critical business operations might be impacted. Virtualized systems are “hard to see into” and you won’t often get rights to log into virtualized machines or the virtualization infrastructure to perform vulnerability scans, or even receive security alerts from NGAV or EDR products. With VMware Carbon Black Cloud Workload, you will have:
- Full Visibility into Workload Inventory and Security Coverage
See a complete inventory of all workloads operating within an ESXi platform. For the first time, you will get to see what servers are on (or off) without having to ask your IT Administrator or Application Administrator. In addition to the inventory, you can quickly identify which workloads are protected by Carbon Black’s NGAV and/or EDR functions and which ones aren’t. In addition, you can work with the vSphere Admin on a shared view allowing you to coordinate coverage and/or compensating controls where you need them. Not only do you see all the systems, but you can also quickly see when new ones are deployed or powered on! - Risk-Prioritized Vulnerability Data
Touchless access to vulnerability data for the operating system and key applications across server systems. Just by deploying VMware Carbon Black Cloud Workload, you will see a prioritized list of CVEs (Common Vulnerabilities and Exploits) that is updated with a no-touch, incredibly low-impact data collection. The best part is that we have partnered with Kenna Security to integrate their unique data science-based approach to risk prioritization. Now you can identify the true risk of every cloud workload, with easy-to-understand risk scores and detailed intelligence that allows you focus on the vulnerabilities that matter, remediate faster, and align the entire business around a common objective. - Workload Audit and Remediation
Live query functionality from the Carbon Black Cloud allows teams to interrogate the current status of workloads at scale to track security posture, maintain IT hygiene, and report on compliance. With the ability to gather more than 2,000 artifacts on-demand or on a scheduled basis, teams can easily monitor drift and take immediate action remotely to proactively reduce the attack surface on critical workloads. - Workload Behavioral Monitoring with NGAV and EDR for Workloads
Depending on your organization’s security requirements, you will also have access to our industry-leading NGAV and Enterprise EDR functionality for your workloads. Whether you want to replace legacy antivirus slowing down your servers, or gather and analyze extensive security data, you can leverage the full set of VMware Carbon Black security capabilities on your workloads.
For Infrastructure Teams
For the vSphere Administrator, the focus shifts to more operational and administrative concerns. Fortunately, we have you covered also, with:
- Simple Deployment
Setting up VMware Carbon Black Cloud Workload on a vSphere instance can take as little as thirty minutes. We leverage the same technology you are used to using for other plugins such as NSX or vCenter itself. Deploy the Carbon Black Cloud Workload appliance, connect to the Carbon Black Cloud console, enter a few critical configuration parameters and you are ready to go! - Lightweight Sensor Lifecycle Management
The same inventory view available to the security administrator is built into the vCenter plugin. As a vSphere Admin, you can see your inventory and quickly identify which workloads are protected and which ones aren’t. Through the power of VM Tools, you can enable security on any workload and in bulk, or perform upgrades. - Risk-Prioritized Vulnerability Assessment
The bane of vulnerability management is that the group responsible for patching is rarely the same group looking at the security impact of vulnerabilities. Classic scanner data rapidly gets out of sync, ticketing systems are slow and it’s hard to get a common view between the security team, the vulnerability management team, and the IT team. Through the vCenter plugin, you get exactly the same data as the security team and can either work to apply patches by priority or take alternate measures such as powering down non-critical but vulnerable systems. A shared view of the data leads to faster resolution!
Just the Beginning
The VMware Carbon Black team is committed to becoming a leader in the Cloud Workload Protection space. Our first launch focuses on securing vSphere-based workloads. In the upcoming months, you will see additional launches and product updates bringing new security capabilities to protect any workload, whether physical, virtual, cloud, or container. You will also see our dedicated focus on delivering low impact, embedded security solutions that support the full lifecycle (build, deploy, operate) of modern containers.
Secure your vSphere environment with workload protection that’s purpose-built for the modern data center.