VMware’s Carbon Black XDR platform is being expanded to include Cloud Native Detection & Response (CNDR), which should give SecOps teams better visibility into complex cloud environments.
VMware is not the only party recognising that the move to the cloud leads to quite a bit of complexity. Many organizations deploy multiple cloud services and still have part of their IT environment on-prem. In the process, people often work with Kubernetes and containers. All this increases the number of connections between on-prem and the cloud and between cloud environments. Those who cannot control these connections cannot respond quickly to cyber threats.
Threat detection for containers
CNDR should ensure that VMware Carbon Black extends threat detection to Kubernetes and containers. As with other security vendors, the emphasis here is on unified integrated platforms: everything should converge on a single security application. VMware claims the solution is scalable and eliminates blind spots that cybercriminals would otherwise exploit.
“The rise of containers, and often the resulting lack of visibility and limited control security teams have, has created a perfect storm for attackers to target cloud native applications as a means of entry into an enterprise,” said Jason Rolleston, vice president and general manager of VMware Carbon Black. “In order for security teams to keep up, it’s critical that organizations have security visibility and control that spans the entire application lifecycle and does not require them to be experts in containers and Kubernetes. With our advanced CNDR solution, VMware Carbon Black is the only partner that delivers threat detection and response from a single console across endpoints, workloads, and containers.”
Short lifetime
In addition to this unified visibility, there are other benefits to CNDR. The company points out that containers typically have a short lifespan. They were once conceived for development environments to test components and are predominantly only in existence for a few minutes. Carbon Black, however, stores this otherwise short-lived data in the cloud for later use. This can lead to better analysis capabilities, which can only become more relevant to an organization with the buildup of historical context.
Also, the fact that IT teams can use CNDR to see which Kubernetes environment or container is playing up more quickly should lead to faster triage to minimize cyber threats.
CNDR will become available as an add-on to Carbon Black in Q3 2023.
Also read: VMware releases Cloud Foundation 5