As a security vendor, Trend Micro started relatively early with securing cloud environments. Initially, it focused on Amazon Web Services (AWS), as that is the most widely used cloud platform. However, the security company wants to play a major role in all IT environments. The multicloud era can no longer be ignored. We discussed this development with Bharat Mistry and Ian Heritage, Principal Security Strategist and Cloud Security Architect at Trend Micro, respectively.
Trend Micro is known in the IT world as a security vendor that can support endpoints, the cloud and networks as well. However, the cloud, and the way in which companies use it, are changing dramatically. That makes the cloud one of the most interesting points in which Trend Micro specialises. The company positions itself as a hybrid cloud company, but multicloud is clearly something the company is growing towards. Ultimately, Trend Micro wants to be able to play a role in any environment that companies might use, which is consistent with a multicloud approach.
Both Mistry and Heritage see companies’ IT environments grow and become more complex. With a multicloud strategy, businesses are embracing an infrastructure with multiple cloud computing and storage services. For each workload and application, it is possible to determine which cloud platform is most desirable. In some areas, AWS is better than Microsoft Azure, and vice versa.
In practice, growing environments also increase the number of apps, data and architectures. The result from a cybersecurity perspective: a larger attack surface. Nowadays, malware can focus on more business systems than ever before. This is, of course, a challenge for cybersecurity suppliers, and Trend Micro also sees it that way. The company is aware of this development and has multicloud as a top priority.
Hybrid cloud security has been developed
What’s nice about Trend Micro regarding multi-client support is that this already supports certain aspects of protecting the hybrid cloud. The company knows how to deal with a private cloud in combination with a public cloud. In addition, the cybersecurity products are optimised for physical, virtualized, containerized, and cloud environments.
Trend Micro provides security professionals and DevOps teams with a central point to maximize the security of those environments. It means they can do some security management, but the platform also comes with improved visibility. The latter is a core component for realising secure environments. After all, if you don’t know what is happening in your own IT landscape, then you can’t protect yourself properly.
That’s why Trend Micro combines all kinds of activities on the platform, such as those of the Security Operations Center and the workloads. By bringing all this together centrally, security professionals can quickly see how big their landscape really is. When doing so, they are supported by a number of insights that show what is happening in terms of suspicious activities. Of course, action can be taken, sometimes automatically, which means that the security management part of the software comes in handy.
Trend Micro’s technology is now capable of this, but it will also have to remain capable. As mentioned before, the IT landscape is changing rapidly, partly due to more extensive IT management. This makes visibility a bit more difficult, but all activities and environments ultimately have to be visible.
Ecosystem plays a role in strategy
In order to provide the best possible response, Trend Micro will need to maintain and expand its ecosystem. The company is becoming increasingly dependent on partners and integrations with other IT solutions. It works with specialised players like Splunk and Sumo Logic, which are useful to extract log files with valuable data from endpoints or on-premise servers. Trend Micro Application Programming Interface (API) integrations with AWS, Microsoft Azure, Google Cloud, and IBM Cloud are also supported to secure workloads and cloud platforms.
However, Trend Micro started providing security solutions for AWS when it moved to the cloud. This means that Trend Micro has come to know that cloud environment very well. It offers numerous templates and deployment scripts to set up security for AWS.
From a business perspective, the far-reaching support for AWS is only logical. Initially, a huge number of companies embraced AWS, and it is still the largest cloud provider. The adoption of other cloud providers continues, which means that Trend Micro will be making more and more tailor-made solutions for these players as well. However, we do see that AWS is still the top priority within Trend Micro. This cloud platform will be the first to be addressed with every new feature, tool or solution, followed by Microsoft Azure and Google Cloud.
VMware’s role is also very important to Trend Micro when it comes to securing all IT environments. VMware has a strong position in the hybrid cloud (and soon also the multicloud) with virtual machines, and works closely with AWS. An enormous number of companies rely on VMware when they’re working on hybrid infrastructure. So, Trend Micro is actively working with VMware. For example, it has a virtual appliance to secure virtualized VMware environments, to provide these environments with anti-malware services.
Building on existing activities
Trend Micro’s current proposition rests on a logical ecosystem, which ultimately enables the company to provide software for security and DevOps teams. New workloads can automatically be protected against new and existing threats, of course by using artificial intelligence (AI) and machine learning. As many security components and measures as possible have to be manageable through a central platform. The software can also be used to install agents on a computer, for example, in order to provide some firewall protection and intrusion prevention.
In that respect, Trend Micro is now doing what is expected of a provider that achieves a hybrid cloud approach. The company wants to play a role in every used IT environment, which means that the multi-client message is designed. This will result in closer and new partnerships and integrations with SaaS, PaaS and IaaS vendors.
Of course, there is also some assistance from AI to keep the management of all this manageable. After all, the potential of AI for cybersecurity is great, Trend Micro also acknowledges this. If you want to continue to protect the ever-expanding attack surface, algorithms will have to be used to detect malware and solve small threats independently.
A renowned security company such as Trend Micro will, therefore, continue to keep pace with the rapidly changing cloud world. At the time of our discussions with Mistry and Heritage, we pointed out that the company does not yet play a role in the shared responsibility model. Cloud providers offer solid security themselves, but leave some configurations to the user. Here, security vendors seeking hybrid cloud or multicloud support have begun to respond with tools to help buck such configurations. It’s no coincidence that Trend Micro recently acquired Cloud Conformity for this purpose, in order to step into this world as well. We are curious to see what else we will see from Trend Micro in the future, now that the focus will be more on the multicloud.