Securing Workloads on VMware Cloud on AWS – Cloud Blog – VMware
What is Cloud Workload Protection?
Cloud Workload Protection is the process of keeping workloads that move across different cloud environments secure. The entire workload must be functional for a cloud-based application to work properly without introducing any security risks. Cloud workload protection is therefore fundamentally different from application security on a desktop machine. Today, many organizations are in flux with these environments and leverage a hybrid cloud model with a combination of infrastructure on-premises and in the public cloud. This approach presents challenges for protecting data moving between these applications.
Organizations moving to hybrid cloud models need to shift their mindset from reacting to threats to anticipating and managing risk as it applies to their unique infrastructure. This means leveraging infrastructure and applications as your security controls and moving away from disparate tools to a unified platform that provides inherent protection, minimizes operational overhead and fosters greater collaboration between security and IT through sharing of data and real-time visibility into workload risk.
A Cloud Workload Protection solution enables you to identify, manage, and secure these workloads. This will help you decrease risk, ensure better application scalability, and increase compliance. The primary purpose of a Cloud Workload Protection Platform is to help you understand what workloads are running where, identify and reduce risk, and strengthen security posture across hybrid-cloud environments
Advanced Workload Protection for VMware Cloud on AWS
Today, we are excited to announce Workload Security solution now available on VMware Cloud on AWS. As organizations continue their journey towards cloud transformation and application modernization, they require modern security solutions that are both powerful and easy to operationalize. VMware Carbon Black Workload™ delivers advanced
protection purpose-built for securing workloads running in VMware Cloud on AWS to reduce the attack surface and strengthen security posture, while simplifying operations for IT and Security teams. This innovative solution combines prioritized vulnerability reporting and foundational workload hardening with industry-leading prevention, detection and response capabilities to protect workloads running in virtualized, private and hybrid cloud environments.
Tightly integrated with vSphere and VMware Cloud on AWS, VMware Carbon Black Workload provides advanced cloud workload protection that is easily enabled right from the vSphere Client Console and automates risk and response analysis.. This unified solution enables Security and Infrastructure teams to automatically secure new and existing workloads at every point in the security lifecycle and focus on high impact actions with confidence while simplifying operations and consolidating the IT and Security stack.
Key Benefits
Secure Workloads Against Modern Attacks
An organization’s most valuable assets are found in the data center, yet attackers are increasingly using advanced techniques to bypass traditional security tools and remain undetected for weeks or months. With advanced workload protection from VMware Carbon Black, you can automatically block both known and unknown attacks – including malware, ransomware, fileless and living-off-the-land attacks.
Cloud Workload Protection solution protects workloads running in these environments by combining automated and risk-prioritized vulnerability assessment and foundational workload hardening with industry leading next-generation antivirus (NGAV), workload behavioral monitoring, and endpoint detection and response (EDR) for workloads.
With advanced workload protection, the Security team can analyze attacker behavior patterns over time to detect and stop never-seen-before attacks, including those manipulating known-good software if an attacker bypasses perimeter defenses.
Simplify operations for IT and security teams
At VMware, we are delivering intrinsic security by building it into the every layer of infrastructure stack where workloads are deployed. Through this unique approach, we can eliminate the trade-off between security and operational simplicity by providing a single source of truth for Infrastructure and Security teams to accelerate response to critical vulnerabilities and attacks, while enabling collaboration and reducing friction. Simplify and consolidate your IT and security stack by replacing multiple point security tools that compete for resources with VMware Carbon Black Workload. VMware Carbon Black Workload provides a simple dashboard with details on vulnerabilities, attacks and remediation steps.
VMware Cloud Workload Protection Bundles
Simple add-on bundles for deployment on VMware Cloud on AWS to leverage Cloud Workload Protection based on customers use cases.
Resources
For other information related to VMware Cloud on AWS and Carbon Black support, here are some more learning resources for you: