Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

VMware AppDefense: How will it address endpoint security?

VMware announced AppDefense, its latest effort to help improve endpoint security. Matt Pascucci explains how AppDefense addresses applications in vSphere environments.

At VMworld, VMware announced its new efforts in cybersecurity, including a service called AppDefense for applications...

running in vSphere environments. What does VMware AppDefense do, and how does it help security?

VMware recently added a new service called AppDefense to their cybersecurity portfolio that aims to lower false positives and utilize least privilege in order to secure endpoints living on the host. VMware also has NSX to create microsegmentation on the network layer, which can integrate into AppDefense. However, with AppDefense, the security of the systems is taken down a layer to the endpoints.

The first major benefit of having VMware AppDefense is that it understands what the endpoints were provisioned to do and their intended behavior. The AppDefense service is in the hypervisor and has a detailed understanding of what's normal within the endpoints. If something changes, such as malware reaching a system, then it's able to detect that the endpoint is doing something outside of what it was designed to do.

This feature helps to reduce false positives within your network and enables overworked security teams to focus on the alerts that truly matter. By creating alerts to monitor the system's behavior and to make sure they are operating properly, the alert time for analysts is reduced. Since VMware AppDefense recognizes that detecting and responding to incidents is key, these alerts help security teams focus on what is important.

Utilizing least privilege is a security staple, and using it whenever possible is always recommended. With AppDefense, you're able to build off of what VMware NSX started and drop least privilege down from the network layer to the endpoint. This further increases the ability to lock down your systems to only what's needed and limit your threat exposure.

When alerts within AppDefense are found, it's possible to kick off a response from NSX to take action and to block communications, take snapshots for forensics, or even shut down the endpoint. This detailed control of what can occur after an alert has been found with AppDefense enables endpoints to be isolated and for remediation to occur quickly and efficiently. The automation of AppDefense and the integration of NSX enables in-depth security and an added layer of visibility into workloads that might have been overlooked in the past.

With the creation of NSX and AppDefense services, VMware has been making big strides in security by focusing on the fundamentals. By giving analysts the visibility into their networks and endpoints using least privilege, an understanding of a behavior change enables a quicker incident response time. I'm excited to see how VMware continues to evolve on its own.

Next Steps

Learn more about VMware's NSX network

Read about VMware's use of machine learning

Discover the security features of VMware's ESXi hypervisor

This was last published in November 2017

Dig Deeper on Virtualization security issues and threats

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How do you think your organization would benefit from VMware's new AppDefense service?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close