At VMworld 2017, VMware Inc. announced its breakthrough solution for securing applications running on virtualized or cloud environments – VMware AppDefense.
This new security solution leverages the virtual infrastructure to monitor running applications against their intended state, and can detect and automate response to attacks that attempt to manipulate those applications. Additionally, integrations with third-party solutions will enable a partner ecosystem to leverage VMware’s AppDefense unique application visibility and response orchestration.
“The growing frequency and cost of security incidents points to a fundamental flaw in security models that focus solely on chasing threats,” said Tom Corn, senior VP, security products at VMware.
"AppDefense delivers an intent-based security model that focuses on what the applications should do – the known good – rather than what the attackers do – the known bad. We believe it will do for compute, what VMware NSX and micro-segmentation did for the network; enable least privilege environments for critical applications."
An intent-based security model is made possible through:
* Increased use of automation in application and infrastructure provisioning.
* Use of application frameworks that provide richer and more authoritative views of intended state.
* Application of machine learning that enables the ability to reason about state and behavior across large populations.
* Increased use of virtualization and cloud, which provides greater application context and isolation.
Leveraging VMware vSphere gives AppDefense several unique capabilities. First, it’s in a unique position to see rich application context; run state and provisioned state. Second, it can leverage the hypervisor to create a protected zone from which to store intended state and monitor runtime behavior. Third, it can leverage vSphere and NSX to automate and orchestrate response.
The result is that AppDefense can significantly reduce the attack surface, making threat identification and response more efficient, and creating a more agile DevOps-friendly model for security.