VMware Inc. has announced significant enhancements to its unique lateral security capabilities, which will assist customers in achieving strong security for both modern and traditional applications across multi-cloud environments.
VMware introduced Contexa, a full-fidelity threat intelligence capability that observes the breadth of VMware’s network, endpoint, and user technologies, ahead of the RSA Conference 2022. To improve its security and management portfolio, VMware is reframing traditional security analytics with enriched threat intelligence through Contexa.
“Threat actors are increasingly deploying sophisticated infiltration tactics, including the use of stolen credentials in order to exploit vulnerabilities and hide in the noise of normalcy,” said Tom Gillis, senior vice president and general manager, Networking and Advanced Security Business Group, VMware. “In a world where the stakes in security continue to rise, lateral security has become the new battleground. Combining VMware Contexa with our architectural advantage, VMware exclusively sees every process running in an endpoint, every packet crossing the network, every access point, and the inner workings of both traditional and modern apps to identify and stop threats others can’t.”
VMware Contexa is a threat intelligence cloud that sees what other solutions don’t and stops what other solutions can’t. Contexa observes and understands the inner workings of both modern and traditional apps every step of the way—from user to device, to network, to run time, to data—due to its privileged position in the infrastructure.
Every day, VMware Contexa records and processes over 1.5 trillion endpoint events and 10 billion network flows, as well as strategically curated threat intelligence data obtained through technology partnerships. This rich context is analyzed further using machine learning and the insights of over 500 researchers from VMware’s Threat Analysis Unit and incident response partners. Contexa now detects over 2.2 billion suspicious behaviors per day, with zero-touch detection and automated, graduated response for more than 80% of these events.
Contexa, which is built into every VMware security product, will be free to all new and existing customers. The company that pioneered virtualization is now protecting virtual machines like no other—and driving innovation in modern application security.
VMware Tanzu is a trusted partner for businesses on their app modernization journey, assisting them in building, operating, and improving the security of modern applications at scale on any cloud. VMware announced today additional enhancements to its Modern Apps Connectivity Services (MACS) solution, which enables customers to build security into the entire application lifecycle. Customers can now gain deep visibility and insights into the inner workings of application microservices as they interact with one another via internal (East-West) APIs, allowing them to better protect them. VMware Contexa enables Tanzu Service Mesh to comprehend the context of internal traffic flows and, as a result, distinguish legitimate internal traffic from the internal movement of attacks such as ransomware.
A leader in virtualization, VMware has introduced innovative and powerful distributed security capabilities for its multi-cloud platform over the years, allowing the company to make customer workloads more secure on VMware clouds. As innovations in server virtualization have driven higher virtual machine densities on a single physical server, less lateral traffic is visible to a network tap.
This makes it difficult for a Security Information and Event Management (SIEM) technology or security analytics solution to identify lateral security threats by analyzing sampled data such as network flow records or selected network traffic taken from taps.
VMware has introduced new capabilities to help customers identify and respond to malware and ransomware attacks in the network by integrating its advanced intrusion detection & prevention (IDS/IPS) and Network Traffic Analysis (NTA) directly into the virtualization layer with VMware NSX. These new enhancements, powered by VMware Contexa, now inspect and analyze every packet and every process to provide extremely high-fidelity alerts that other systems relying on sampled data cannot match.
New innovations to VMware Workspace ONE will make it easier for IT teams to manage and better secure all employee devices, while contributing to Contexa’s rich data set. VMware is today introducing Workspace ONE Mobile Threat Defense, which incorporates technologies from Lookout, a leader in the mobile security space. The new offering will help protect employees’ mobile devices from a wide range of application, device, and network-originated threats.
Workspace ONE Mobile Threat Defense can be activated within Workspace ONE Intelligent Hub. For IT, this means there are no separate apps or agents to download or deploy, and vital information – including alerts and suggested resolutions – is conveyed via a resource that employees use for daily work.
VMware is also introducing new Workspace ONE capabilities that will make managing updates/patches even easier and elevate the security posture of Windows devices. For instance, the new capabilities will enable IT to automate critical updates to pre-approved groups, hand test patches more likely to create issues, and pause or rollback patches if an issue is detected.
