Author Archives: Tom Corn
Author Archives: Tom Corn
A zero trust or least-privileged, security model has long been held as the best way to secure applications and data. At its core, a zero trust security model is based on having a whitelist of known good behaviors for an environment and enforcing this whitelist. This model is preferable to one that depends on identifying attacks in progress because attack methods are always changing, giving attackers the upper hand and leaving defenders a step behind.
The problem for IT and InfoSec teams has always been effectively operationalizing a zero trust model. As applications become increasingly distributed across hybrid environments and new application frameworks allow for constant change, a lack of comprehensive application visibility and consistent security control points is exacerbated for IT and InfoSec, making achieving a zero trust model even harder.
A modern application is not a piece of software running on a single machine — it’s a distributed system. Different pieces of software running on different workloads, networked together. And we have thousands of them, all commingled on a common infrastructure or, more lately, spanning multiple data centers and clouds. Our internal networks have evolved to be relatively flat — a decision designed to facilitate organic growth. But Continue reading
Over the last several years, VMware has been heavily investing in technology and solutions to transform security. Our goal has been simple; leverage the virtual and mobile infrastructure to build security in – making it intrinsic, simple, aligned to applications and data, and infinitely more effective.
5 years ago, with NSX, we introduced the concept of micro-segmentation, enabling organizations to leverage network virtualization to compartmentalize their critical applications at a network level.
Last VMworld, we introduced VMware AppDefense, to protect the applications running on that virtual infrastructure. This enabled organizations to leverage server virtualization to ensure the only thing running is what the application intended – flipping the security model to “ensuring good” versus “chasing bad”
Meanwhile, our Workspace ONE team has been steadily building out their platform that leverages user infrastructure, to ensure only legitimate users can get access to critical applications from devices we can trust.
The momentum for NSX, AppDefense, and Workspace ONE has been growing exponentially. And our product teams have not been standing still. They’ve been hard at work on some incredible innovations and integrations.