To combat the growing threat of cyber intrusions, VMware introduces new security tool that monitors data center applications
Data centers are challenged to combat the growing threat of cyber intrusions. For this reason, VMware recently unveiled AppDefense at VMWorld, a security solution that enables companies to secure applications running on virtualized or cloud environments.
AppDefense provides an intent-based security function capable of pinpointing and thwarting attacks from a unique position in a hypervisor. The technology is able to distinguish between an app behaving normally and abnormally. If an app is attempting to alter the kernel — the central component of most computer operating systems — companies can decide whether to send out an alert, isolate the incident or shut the app down.
“A security model concentrating on appropriate application behavior can help shrink the attack surface and improve the ability to pinpoint real threats,” said Jon Oltsik, senior principal analyst and the founder of ESG’s cybersecurity service, in a statement. “With this focus on intended state behavior, AppDefense offers a productive alternative to traditional application and endpoint security. In this way, VMware AppDefense is shifting the focus from simply securing the virtual infrastructure, to using vSphere capabilities as creative enhancements to applications and infrastructure security.”
Cyber security threats have increased alongside the uptick in data centers over the past few years. According to findings from Sandler Research, the global data center infrastructure management (DCIM) market is expected to grow at a compound annual growth rate (CAGR) close to 15% between now and 2020. Juniper Research suggests acceleration in digitization will increase the cost of data breaches to $2.1 trillion globally by 2019, four times the estimated cost for breaches in 2015.
“The growing frequency and cost of security incidents points to a fundamental flaw in security models that focus solely on chasing threats,” said Tom Corn, senior vice president, security products at VMware, in a statement. “AppDefense delivers an intent-based security model that focuses on what the applications should do – the known good – rather than what the attackers do – the known bad. We believe it will do for compute, what VMware NSX and micro-segmentation did for the network; enable least privilege environments for critical applications.”
VMware began the AppDefense Technology project under the codename Project Goldilocks two years ago. The device is currently available for on-premise data centers in the U.S. using VMware vSphere 6.5.; although, VMware says a cloud-based version is on the horizon. The technology can be integrated with existing security tools, says VMware, including endpoint security, security information and event management (SIEM), and Security Operations Center Analytics. Initial partners for AppDefense include IBM Security, RSA, Carbon Black, SecureWorks and Puppet.
