VMware, Inc. has announced advancements in its Carbon Black Extended Detection and Response (XDR) strategy focused on cloud-native applications.
Cloud Native Detection and Response (CNDR) provides VMware Carbon Black customers with unified visibility, security, and control in highly dynamic and complex modern application environments.
Cloud-native environments
Containers and Kubernetes have become synonymous with the modern application transformation, as organisations increasingly adopt multi-cloud and hybrid technology infrastructures. However, the growth in cloud-native architectures and containers also expands an organisation's attack surface.
As SOC teams are tasked with learning the complexities of cloud-native environments
As Security Operations Centre (SOC) teams are tasked with learning the complexities of cloud-native environments, they also are challenged with containers running in production with limited-to-no security coverage, disparate tools that create gaps in coverage, and limited visibility into the different layers of these applications.
Protection for Linux containers
VMware Carbon Black’s new CNDR capabilities expand its pioneering XDR solution and are designed to deliver enhanced threat detection for containers and Kubernetes within a single, unified platform.
These enhancements aim to deliver runtime protection for Linux containers to provide a scalable approach for protecting applications from emerging threats and helping eliminate blind spots for attackers to exploit.
Need for security visibility and control
“The rise of containers, and often the resulting lack of visibility and limited control security teams have, has created a perfect storm for attackers to target cloud-native applications as a means of entry into an enterprise,” said Jason Rolleston, Vice President and General Manager of VMware Carbon Black.
VMware Carbon Black is the only partner that delivers threat detection and response"
He adds, “In order for security teams to keep up, it’s critical that organisations have security visibility and control that spans the entire application lifecycle and does not require them to be experts in containers and Kubernetes. With our advanced CNDR solution, VMware Carbon Black is the only partner that delivers threat detection and response from a single console across endpoints, workloads, and containers.”
Capabilities for security teams
Enhanced Cloud Native Detection and Response in VMware Carbon Black delivers new capabilities for security teams and incident responders. SOC teams benefit from:
- Enhanced visibility: Can’t stop what can’t see. VMware Carbon Black monitors the processes running in both container and Kubernetes environments. These processes and any alerts are displayed in the familiar Carbon Black console and aim to seamlessly integrate into customers’ existing workflows.
- Context and historical data: Due to the ephemeral nature of containers, it can be challenging to get historical data on any previous anomalies detected in a container that no longer exists. Carbon Black keeps this historical data in the cloud and allows security teams to analyse alerts from previously existing containers.
- Simple alert triaging: Security analysts can understand the steps that an attacker might have taken in any given environment with enhanced visibility into which events are coming from what container or Kubernetes node.
Product availability
CNDR capabilities for containers and Kubernetes are expected to be available within the next six months. These features build on the Carbon Black vision for protection, detection, and response with accelerated deployment and easier adoption.
- Network / IP
- Biometrics
- Remote surveillance
- Retail surveillance
- Digital video surveillance
- Remote video surveillance
- IP video surveillance
- Electronic security systems
- Retail security systems
- Construction security systems
- Campus security systems
- Application security
- Physical security
- Industrial security
- Remote security
- Commercial security
- Perimeter security
- Factory security
- Security policy
- Security devices
- Security tagging
- Security access systems
- Network monitoring
- Asset tracking
- Remote video monitoring
- Electronic door locks
- Electronic access control
- Intrusion detection
- Security guards
- Identity management
- Building security
- Facility security
- Industrial security systems
- Retail security
- Wireless security
- Network cameras
- Door security
- Door access control
- Security software
- IP Surveillance
- Hybrid security
- Industrial surveillance
- Hybrid surveillance systems
- Human identification system
- Human area network
- Mobile surveillance
- Outdoor video surveillance
- Physical Security Information Management (PSIM)
- Bullet cameras
- Indoor surveillance
- IP security solutions
- Integration software
- Event security
- Perimeter protection
- Cyber security
- Mobile communications
- Internet of Things (IoT)
- Corporate Security
- Outdoor Security
- Indoor Security
- Central Monitoring
- Data Security
- Network Video Recorders
- Digital Video Recorders
- IP transmission
- Incident Management
- Security Assessments
- City Surveillance
- Cloud security
- Artificial intelligence (AI)
- Mobile access
- Machine Learning
- Touchless Security
