Download PDF version Contact company

VMware, Inc., an innovator in enterprise software, announces new innovations to advance the company’s strategy to make security intrinsic to the digital enterprise. Intrinsic security makes protecting critical applications and data more automated, proactive and pervasive across the entire distributed enterprise.

The announcements made at RSA Conference 2020, include:

  • New VMware Advanced Security for Cloud Foundation, which will enable customers to replace legacy security solutions and deliver unified protection across private and public clouds
  • Advancements to the VMware Carbon Black Cloud, which including automated correlation with the MITRE ATT&CK framework and upcoming prevention coverage for Linux machines
  • New VMware Secure State auto-remediation capabilities to automate actions across cloud environments and proactively reduce risk

New Approach To Cybersecurity

VMware’s Sanjay Poonen will deliver a keynote address: ‘Rethink the Way You Secure Your Organization with Intrinsic Security,’ which will discuss how making security intrinsic can unlock new advantages and make life easier for security practitioners.

There has never been a more challenging and exciting time in security"

There has never been a more challenging and exciting time in security,” said Sanjay Poonen, chief operating officer, customer operations, VMware. “Attacker sophistication, security threats, breaches, and exploits are becoming more prevalent with no end in sight. And with cloud, new applications, pervasive mobility, IoT, and data at the edge, the problem is only getting harder to solve. There must be a new approach to cybersecurity – one that is built-in, unified and context-centric.”

Delivering best-In-Class financial services

We believe the best strategy and approach is to make security intrinsic, enabling organizations to leverage their infrastructure and its unique capabilities across any app, any cloud and any device to better secure the world’s digital infrastructure – from networks, to endpoints, to workloads, to identities, to clouds.”

Our members rely on us to deliver best-in-class financial services,” said Mark Fournier, Systems Architect for the U.S. Senate Federal Credit Union. “VMware has put our team in a position to deliver consistent innovation, evolve our digital transformation and keep our data better secured amidst an attack landscape that’s constantly evolving. VMware’s ability to deliver and help secure our digital infrastructure gives us the confidence that we’re staying ahead of the latest threats in an environment where cybersecurity is built into the fabric of our enterprise, not just bolted on.”

Single point of compromise

Most security professional know this, but struggle to adequately protect their data centers

Data breaches are increasingly devastating, often wiping out billions in market capitalization and costing public company CEOs their jobs. Damage rarely results from a single compromised server. It results from attackers moving laterally (East-West) through the datacentre from a single point of compromise, often for months, as they locate, harvest and exfiltrate sensitive data.

Most security professional know this, but struggle to adequately protect their data centers. A survey commissioned by VMware and conducted by Forrester Consulting shows that 75 percent of respondents depend on perimeter firewalls, however East-West security controls need to be different than those for traditional perimeter (North-South) security as 73 percent of respondents believe their existing East-West traffic is not adequately protected.

Protecting data center workloads

VMware is specifically addressing the internal data center security challenge with the new VMware Advanced Security for Cloud Foundation, which will include VMware Carbon Black technology, VMware NSX Advanced Load Balancer with Web Application Firewall capabilities and VMware NSX Distributed IDS/IPS. Each one is purpose-built for the data center and together deliver a unique and more comprehensive data center security solution.

VMware Carbon Black technology protects workloads with Real-time Workload Audit/Remediation

Also, all three will tightly integrate into VMware vSphere, the industry standard for data center workloads, enabling security to follow workloads wherever they go through their entire life. Data center security starts with a strong foundation—properly protecting data center workloads. VMware Carbon Black technology protects workloads with Real-time Workload Audit/Remediation, Next-Generation Antivirus (NGAV) and Endpoint Detection & Response (EDR).

Hardware-Based solutions

VMware Carbon Black will be tightly integrated with VMware vSphere to yield an ‘agentless’ solution, eliminating the need to insert antivirus and other agents. Instead, endpoint telemetry will be managed and gathered via built-in sensors protected by the hypervisor. This also means, unlike agent-based solutions, the hypervisor will be able to detect if an attacker attempts to gain root access and tamper with the VMware Carbon Black technology — all from a separate trust domain.

The web server is the ‘front door’ of the data center, and NSX Advanced Load Balancer / Web Application Firewall safeguards this frequent point of attack. Often customers using hardware-based solutions with fixed capacity will turn off security filtering under heavy loads, leaving critical servers vulnerable. The unique, scale-out software architecture of the NSX Web Application Firewall helps confirm web servers have enough computation capacity for maximum security filtering even under peak loads.

Traditional perimeter security products

Policies will be automatically generated and enforced on an application-specific basis

The NSX Web Application Firewall uses rich understanding of applications, automated learning, and app-specific rules to provide strong security with lower false positives. Behind the web tier, micro-segmentation and in-band East-West firewalling helps prevent lateral movement of attackers. The VMware NSX Distributed IDS/IPS, a new capability of the VMware NSX Service-defined Firewall, will provide intrusion detection on the many different services that make up an application making it easier to get deep visibility.

The distributed architecture of NSX Distributed IDS/IPS will enable advanced filtering to be applied to every hop of the application, significantly reducing the blind spots created when using traditional perimeter security products. Policies will be automatically generated and enforced on an application-specific basis, thereby lowering false positives.

Discovering potential threats

VMware has introduced automated correlation with MITRE ATT&CK framework Technique IDs (TIDs)—a list of common tactics, techniques, and procedures (TTPs)—built into the VMware Carbon Black Cloud. Using MITRE’s ATT&CK framework, customers can begin searching for specific TTPs based on MITRE ATT&CK techniques within the VMware Carbon Black Cloud to discover potential threats and identify areas of improvement in their security posture.

VMware Carbon Black has also integrated with the Microsoft Windows Anti-Malware Scanning Interface (AMSI) to provide additional visibility by decoding obfuscated commands. Using the integration, customers will be able to seek visibility into the exact content executed by script interpreters, such as PowerShell. Customers will also be able to search across their continuously collected endpoint activity data and create custom detections based on AMSI-related script content.

Endpoint prevention solutions

VMware Carbon Black will be adding malware prevention capabilities for Linux machines

Finally, VMware Carbon Black will be adding malware prevention capabilities for Linux machines. This innovation will empower customers to migrate away from other endpoint prevention solutions specific to Linux and consolidate their security programs. This addition to the VMware Carbon Black Cloud platform means customers will have the option for comprehensive security coverage across all major operating systems (Windows, Mac, and Linux).

With VMware Secure State’s real-time detection and remediation capabilities, customers can now close the loop on cloud security and compliance to mitigate risks proactively. VMware Secure State is adding a new, flexible remediation framework to help customers automate actions across multicloud environments. Currently in Beta, this solution is designed to help cloud security teams collaborate with DevOps teams and gain trust as they gradually scale best practices.

Maintaining centralized visibility

The service provides pre-defined, out of the box actions or ability to create new, custom actions as code. All actions can be targeted to selectively remediate resources based on conditions such as cloud accounts, regions or resource tags. Security teams will also get comprehensive capabilities for managing overall cloud risk. To address existing misconfigurations, they can either bulk remediate violations themselves or publish actions to delegate decisions to DevOps teams.

Customers maintain centralized visibility into remediation progress and changes to cloud resources

In order to prevent new misconfigurations, they can build guardrails that auto-remediate violations at real-time speed. With an extensible, policy as code approach, users can programmatically execute all remediations as code using API and integrate them within the CI/CD pipeline. No matter how actions are triggered, customers maintain centralized visibility into remediation progress and changes to cloud resources.

Hosting two breakout sessions

The new portfolio offerings, product demos and more will be on display this week at the RSA Conference in the Moscone North Expo, booth #6145. VMware Carbon Black will be in Moscone Expo North, booth #5873. In addition to Poonen’s keynote address on February 26, VMware will host two breakout sessions during the conference.

VMware’s SVP and GM of Network Security, Tom Gillis, will deliver ‘Unshackle Legacy Security Restrictions for 2020 and Beyond.’ VMware Carbon Black’s Cybersecurity Strategist, Rick McElroy, and Senior Threat Researcher, Greg Foss, will deliver ‘2020 ATT&CK Vision: Correlating TTPs to Disrupt Advanced Cyber Attacks.’

Download PDF version Download PDF version

In case you missed it

Why Face Recognition As A Credential Is The Ideal Choice For Access Control?
Why Face Recognition As A Credential Is The Ideal Choice For Access Control?

In the field of access control, face recognition has come a long way. Once considered too slow to authenticate people's identities and credentials in high traffic conditions, face recognition technology has evolved to become one of the quickest, most effective access control identity authentication solutions across all industries. Advancements in artificial intelligence and advanced neural network (ANN) technology from industry leaders like Intel have improved the accuracy and efficiency of face recognition. However, another reason the technology is gaining traction is due to the swiftly rising demand for touchless access control solutions that can help mitigate the spread of disease in public spaces. Effective for high volumes Face recognition eliminates security risks and is also virtually impossible to counterfeit Modern face recognition technology meets all the criteria for becoming the go-to solution for frictionless access control. It provides an accurate, non-invasive means of authenticating people's identities in high-traffic areas, including multi-tenant office buildings, industrial sites, and factories where multiple shifts per day are common. Typical electronic access control systems rely on people providing physical credentials, such as proximity cards, key fobs, or Bluetooth-enabled mobile phones, all of which can be misplaced, lost, or stolen. Face recognition eliminates these security risks and is also virtually impossible to counterfeit. Affordable biometric option Although there are other biometric tools available, face recognition offers significant advantages. Some technologies use hand geometry or iris scans, for example, but these options are generally slower and more expensive. This makes face recognition a natural application for day-to-day access control activities, including chronicling time and attendance for large workforces at construction sites, warehouses, and agricultural and mining operations. In addition to verifying personal credentials, face recognition can also identify whether an individual is wearing a facial covering in compliance with government or corporate mandates regarding health safety protocols. Beyond securing physical locations, face recognition can also be used to manage access to computers, as well as specialized equipment and devices. Overcoming challenges with AI So how did face recognition become so reliable when the technology was once dogged by many challenges, including difficulties with camera angles, certain types of facial expressions, and diverse lighting conditions? Thanks to the emergence of so-called "convolutional" neural network-based algorithms, engineers have been able to overcome these roadblocks. SecurOS FaceX face recognition solution FaceX is powered by neural networks and machine learning which makes it capable of authenticating a wide range of faces One joint effort between New Jersey-based Intelligent Security Systems (ISS) and tech giant Intel has created the SecurOS FaceX face recognition solution. FaceX is powered by neural networks and machine learning which makes it capable of authenticating a wide range of faces and facial expressions, including those captured under changing light, at different resolution levels, and varying distances from the video camera. Secure video management system A common face recognition system deployment begins with IP video cameras that feed footage into a secure video management system connected to a video archive. When the software initially enrolls a person’s face, it creates a "digital descriptor" that is stored as a numeric code that will forever be associated with one identity. The system encrypts and stores these numeric codes in a SQL database. For the sake of convenience and cost savings, the video server CPU performs all neural network processes without requiring any special GPU cards. Unique digital identifiers The next step involves correlating faces captured in a video recording with their unique digital descriptors on file. The system can compare newly captured images against large databases of known individuals or faces captured from video streams. Face recognition technology can provide multi-factor authentication, searching watchlists for specific types of features, such as age, hair color, gender, ethnicity, facial hair, glasses, headwear, and other identifying characteristics including bald spots. Robust encryption SED-compatible drives rely on dedicated chips that encrypt data with AES-128 or AES-256 To support privacy concerns, the entire system features an encrypted and secure login process that prevents unauthorized access to both the database and the archive. An additional layer of encryption is available through the use of Self-Encrypting Drives (SEDs) that hold video recordings and metadata. SED-compatible drives rely on dedicated chips that encrypt data with AES-128 or AES-256 (short for Advanced Encryption Standard). Anti-spoofing safeguards How do face recognition systems handle people who try to trick the system by wearing a costume mask or holding up a picture to hide their faces? FaceX from ISS, for example, includes anti-spoofing capabilities that essentially check for the "liveliness" of a given face. The algorithm can easily flag the flat, two-dimensional nature of a face mask, printed photo, or image on a mobile phone and issue a "spoof" alarm. Increased speed of entry Incorporating facial recognition into existing access control systems is straightforward and cost-effective Incorporating facial recognition into existing access control systems is straightforward and cost-effective. Systems can operate with off-the-shelf security cameras and computers. Users can also leverage existing infrastructure to maintain building aesthetics. A face recognition system can complete the process of detection and recognition in an instant, opening a door or turnstile in less than 500ms. Such efficiency can eliminate hours associated with security personnel checking and managing credentials manually. A vital tool Modern face recognition solutions are infinitely scalable to accommodate global enterprises. As a result, face recognition as a credential is increasingly being implemented for a wide range of applications that transcend traditional access control and physical security to include health safety and workforce management. All these capabilities make face recognition a natural, frictionless solution for managing access control, both in terms of performance and cost.

Everbridge Control Center Deployed By G4S To Accelerate Abu Dhabi Global Market Square’s Physical Security Digital Transformation
Everbridge Control Center Deployed By G4S To Accelerate Abu Dhabi Global Market Square’s Physical Security Digital Transformation

The Abu Dhabi Global Market Square (ADGMS), located on Al Maryah Island, in the United Arab Emirates capital, Abu Dhabi, is a high-profile, architecturally compelling business and hospitality hub. Many of the most globally prestigious companies inhabit the buildings, in the award-winning financial center. Abu Dhabi Global Market Square ADGMS also hosts frequent international dignitaries and large-scale public events, including the Abu Dhabi national New Year’s fireworks display. Abu Dhabi Global Market Square was the first project in the UAE, to achieve LEED Core and Shell (LEED-CS) Gold pre-certification, by the US Green Building Council (USGBC). The Abu Dhabi Global Market Square (ADGMS) consists of: 450,000 sq. m of office space, a lavish retail section and luxury business hotel offerings, 4 Grade-A commercial office towers with 30 floors each, 4 km waterfront promenade, Over 2,000 cameras, and Over 1,000 doors. Unconnected security systems and situational awareness gaps Because of its iconic status, the Abu Dhabi Global Market Square faces many unique challenges to security, including: Political pressure - Because of ADGMS’s status and frequent high-profile international visitors, any disruption to operations - be it natural disaster, activism, terror or other critical events, could cause issues on a national scale. Protection for VIPs - Regular visits from prestigious VIPs, such as sheikhs, the royal family, and global business leaders, elevates security risks and the need for executive protection. Unobtrusive security - ADGMS is a public space with tenanted offices, meaning that security must be robust, but unobtrusive and follow all global data, and privacy regulations. Physical location - Being situated on an island is an extra security risk, complicating the ability to enter and exit the space, during planned and unplanned critical events or emergencies. Architecture - The buildings in ADGMS are mostly glass, with many levels, making it difficult to secure. Previously, a number of systems were deployed to help with security and life safety, such as CCTV, access control, fire detection, and building management. However, these were not connected and left gaps in situational awareness, which ADGMS found unacceptable. In light of the above challenges, ADGMS building managers felt it essential to harden security, across the market square, within these buildings and in connecting areas. Risk intelligence & integrated control of physical assets Martin Grigg, Principal Consultant and Project Lead for PTS Middle East was selected to design and oversee the project Abu Dhabi Global Market Square approached PTS Middle East (PTS Consulting Group Ltd.), a multi-national security and digital transformation consultancy, which carried out the threat, risk and vulnerability assessment, designed the mitigation measures, and provided oversight of the installation and commissioning of the entire system. They were also tasked with ensuring that the system met the operational requirements and was fit for purpose, and proportional to the risks, faced by ADGMS. Martin Grigg, Principal Consultant and Project Lead for PTS Middle East was selected to design and oversee the project, right from concept to completion. Everbridge Control Center deployed Following the assessment, G4S, a British multi-national risk consultancy company, headquartered in the United Kingdom, was selected to deliver the project, based on its experience in helping secure many of the region’s most prestigious locations. G4S is also a global partner with Everbridge, and together, they have secured people, assets and infrastructure for numerous organizations. G4S selected Everbridge Control Center to integrate and manage all the technology, which is coming into their Security Command Centre (SCC). Everbridge Risk Center was also deployed to provide real-time threat intelligence to ADGMS. Critical issues solved by Everbridge technology: Consolidation of four control rooms into one, reducing the office space needed for security - This premium space is now free and able to be re-purposed as rentable office space, Reduction of man guarding costs, as fewer resources are needed to secure the facility, Real-time situational awareness allows for reduced risk, accelerated response times and keeps stakeholders informed, Everbridge Control Center provides event driven, unified interface and automated SOP presentation, Everbridge technology provides flexibility to adapt, as requirements change, Reduction in time taken to identify a security incident and resolve it, Intelligence from the facial recognition systems is proactively used to welcome friends and identify known criminals, Risk intelligence to identify events, such as sandstorms, allows ADGMS to act faster, enabling them to reduce the risk to people and operations, and Automated reporting capabilities save huge amounts of time and resources - A report that took 20 minutes can now be automated in seconds.

How Are New Management Systems Innovating The Hospitality Industry?
How Are New Management Systems Innovating The Hospitality Industry?

Technology has certainly become an intrinsic part of our day-to-day lives, from the retail industry, to food and beverage outlets, and even within the health and fitness industry. It’s all around us, in varying formats, making processes more efficient. It has refined some of our older approaches, and in the hospitality industry, this is certainly true. Technological advances are leading the way forward for the future of hotels, and with the sector now free from COVID-19 restrictions, venues are looking for ways to improve the guest experience with technology. A staggering recent statistic has suggested that 75 percent of activities in hospitality could one day become automated — so where exactly are we heading on this journey into the future of hotels? Join Cairn Collection, owner of The Stirling Highland, and explore a whole host of innovations that are changing the face of hotel management systems. The 21st-century check-in desk The breadth of technology that is slowly becoming more widely available is transforming the hospitality industry The digital age is constantly finding new ways to innovate and prove its value and worth for modern consumers, and the breadth of technology that is slowly becoming more widely available is transforming the hospitality industry. In the past, connotations of a check-in desk were long queues and excessive pieces of paper — from room service menus to a mini-catalog of highlights of the local area. Technological innovations such as face recognition are one of the major ways that this process is changing. Using artificial intelligence A handful of hotels have already trialed or introduced artificial intelligence (AI) into their daily running, and it looks set to become far more mainstream by 2025. From paying the bill by using biometrics to allowing hotel managers to handle data more efficiently, AI looks set to be welcomed with the potential for it to reduce costs by 13 percent. The entire hotel check-in process could become automated, making one of the most established parts of the hotel experience redundant — but staff could be freed up to engage with customers, allowing them to get into their rooms quicker in the meantime. Many venues have even gone fully paperless when it comes to checking in, choosing instead to upload the process to cloud computing systems where information can be stored and viewed by connected devices. Convenience is the key More hotels operate their room unlocking facilities through mobile phone-connected technology, NFC After having checked in to a hotel, guests will want to explore the room that they’ve booked. Doing so has never been easier, and the classic magstripe locks which were once the most commonly used method of accessing hotel rooms are being progressively phased out. More and more hotels now operate their room unlocking facilities through mobile phone-connected technology, near-field communication (NFC).  This technology allows for data transfer at up to 424 kb per second, and it is enabled when connected devices come into contact with each other. Mobile key systems Most mobile key systems require guests to download and activate a key through the hotel’s digital app, and upon arrival, they can use the activated key to unlock the door to their hotel room. Combined with online/digital check-in services, guests can use the e-key to check in early or at a time that suits them best, knowing that they don’t have to wait around to pick up a physical key. Small touches like this build a sense of brand familiarity for customers, as well as streamline their hotel experience, and this distinguishes them from competitors. Hotel management systems Hotel management systems need to account for the experience that guests have while staying at the venue Of course, hotel management systems also need to account for the experience that guests have while staying at the venue and technology can do a lot to enhance this. Hotels have to innovate the spaces that they are presenting to their customers and technology has become a valuable asset to help enhance customer satisfaction, as the hotel room is certainly not simply a place for rest anymore. Voice-enabled devices Voice-enabled devices are becoming common features in rooms, with popular models such as Google Assistant, Apple’s Siri, and Amazon Echo providing guests with information on the local area — if you’re looking for the perfect backdrop to the business dinner you’re attending, just ask Alexa! Hotels could even record and distribute their personalized voice messaging to help reinforce the brand presence into the technology. Technology can help you attract and retain customers by offering services above and beyond what they’d usually receive A room and then some As the generational switch to millennials and Gen Z continues, the need for an experience has grown and, through a mixture of technology, hotels can cater to these revised consumer needs. From setting up messaging platforms to providing a remote control that monitors absolutely everything in the room — from atmospheric mood lighting to music streaming services and more, a hotel room can be whatever the user wants, and the experience is therefore generated by the customer. Technology doesn’t stop advancing, and there are constantly new, refined approaches to hotel management systems that have marked a stark departure from ways of the past. With guests returning after over a year of COVID-19 restrictions, competition for their business is even tougher. Technology can help you attract and retain customers by offering services above and beyond what they’d usually receive.