
VMware Releases AppDefense

VMware's Goldilocks project has finally reached general availability, providing a new way to secure virtual applications.

AppDefense aims to provide an intent-based security capability that is able to detect and block malicious actions and applications. The AppDefense system understands and learns what is a known good process and is also able to determine when the runtime behavior of an application deviates from its intended state.
AppDefense provides least-privilege access on compute: essentially, it defines what is allowed to execute. Much of the data center endpoint security market has been focused on finding bad elements within a network. With AppDefense, VMware is instead trying to ensure that only known good processes can run.
The automated policies that can be enacted as part of AppDefense include alerting an administrator, quarantining a virtual machine (VM), blocking VM operations and snapshotting a VM. To capture an application's intent, VMware gets the developer's intent by hooking into configuration management tools, including Ansible, Chef and Puppet, to make sense of the purpose of a given application. In addition to the developer's intent, machine learning analyzes what is running to further evaluate processes that show up at runtime.

AppDefense runs on VMware's vSphere 6.5, with the management plane for AppDefense running in the cloud, providing a place to set policies. The actual policy decisions and all data remain with the local hypervisor and are not sent to the cloud.
