VMware Carbon Black customers are provided with unified visibility, security, and control in highly dynamic and complex modern application environments by Cloud Native Detection and Response
Advancements in the Carbon Black Extended Detection and Response (XDR) strategy focused on cloud-native applications have been announced recently by VMware, Inc.
VMware Carbon Black customers are provided with unified visibility, security, and control in highly dynamic and complex modern application environments by Cloud Native Detection and Response (CNDR). As organisations increasingly adopt multi-cloud and hybrid technology infrastructures, Containers and Kubernetes have become synonymous with the modern application transformation. However, the growth in cloud-native architectures and containers also expands an organisation’s attack surface. Security Operations Centre (SOC) teams are also challenged with containers running in production with limited-to-no security coverage, disparate tools that create gaps in coverage, and limited visibility into the different layers of these applications, as the teams are tasked with learning the complexities of cloud-native environments.
Designed to deliver enhanced threat detection for containers and Kubernetes within a single, unified platform, VMware Carbon Black’s new CNDR capabilities expand its leading XDR solution. To provide a scalable approach for protecting applications from emerging threats and helping eliminate blind spots for attackers to exploit, these enhancements aim to deliver runtime protection for Linux containers.
“The rise of containers, and often the resulting lack of visibility and limited control security teams have, has created a perfect storm for attackers to target cloud native applications as a means of entry into an enterprise”, said Jason Rolleston, Vice President and General Manager of VMware Carbon Black. “In order for security teams to keep up, it’s critical that organisations have security visibility and control that spans the entire application lifecycle and does not require them to be experts in containers and Kubernetes. With our advanced CNDR solution, VMware Carbon Black is the only partner that delivers threat detection and response from a single console across endpoints, workloads, and containers”.
Enhanced cloud-native detection and Response in VMware Carbon Black delivers new capabilities for security teams and incident responders. SOC teams benefit from:
- Enhanced visibility: You can’t stop what you can’t see. VMware Carbon Black monitors the processes running in both container and Kubernetes environments. These processes and any alerts are displayed in the familiar Carbon Black console and aim to seamlessly integrate into customers’ existing workflows.
- Context and historical data: Due to the ephemeral nature of containers, it can be challenging to get historical data on any previous anomalies detected in a container that no longer exists. Carbon Black keeps this historical data in the cloud and allows security teams to analyse alerts from previously existing containers.
- Simple alert triaging: Security analysts can understand the steps that an attacker might have taken in any given environment with enhanced visibility into which events are coming from what container or Kubernetes node.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics