Newly created Next-Gen Security Operations Center (SOC) Alliance features industry-leading SIEM/SOAR vendors Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic
VMware made two key announcements during Connect 2020, the company’s annual cybersecurity user and partner conference (hosted virtually by VMware Carbon Black):
- The intent to acquire Octarine, whose innovative security platform for Kubernetes applications helps simplify DevSecOps and enables cloud native environments to be intrinsically secure, from development through runtime.
- The creation of a Next-Gen SOC Alliance along with Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic. The alliance empowers SOC teams with visibility, prevention, detection and response capabilities that can uniquely leverage the VMware fabric.
Acquiring Octarine to Bring Intrinsic Security to Containers & Kubernetes
Building Octarine’s innovative Kubernetes security platform into the VMware security portfolio presents a major opportunity for VMware to further mitigate risks in several ways:
- Provide full visibility into cloud-native environments so customers can better identify and reduce the risks posed by vulnerabilities and attacks.
- Move beyond static analysis and maintain compliance – customers can create and enforce content-based policies to protect the privacy and integrity of sensitive and regulated information.
- Integrate into the developer lifecycle to analyze and control application risks before they are deployed into production.
- Run alongside service mesh frameworks such as Tanzu Service Mesh to provide native anomaly detection and threat monitoring for cloud and container-based workloads.
- Provide runtime monitoring and control of Kubernetes workloads across hybrid environments for threat detection and response.
Following the acquisition’s close, the Octarine technology will be embedded into the VMware Carbon Black Cloud, providing new support of security features for containerized applications running in Kubernetes and enable security capabilities as part of the fabric of the existing IT and DevOps ecosystems. This innovation will further reduce the need for additional sensors in the stack. Octarine capabilities will also integrate and leverage the VMware Tanzu platform, including current investments in Service Mesh and Open Policy Agent.
“Acquiring Octarine will enable us to further expand VMware’s intrinsic security strategy to containers and Kubernetes environments by embedding the Octarine technology into the VMware Carbon Black Cloud,” said Patrick Morley, general manager and senior vice president, Security Business Unit, VMware. “This, combined with native integrations with Tanzu, vSphere, NSX and VMware Cloud Foundation, will create what we believe is a unique and compelling solution for intrinsically securing workloads. And, with the addition of our AppDefense capabilities merged into the platform, we can fundamentally transform how workloads are better secured.”
VMware’s intrinsic security strategy is centered on enriching context from across the security portfolio and leveraging the VMware fabric for native telemetry and control at the endpoint, workload, network, user access point, and application. This innovation enables a true XDR solution that works out of the box with existing VMware solutions – reducing all the bolt-on sensors and appliances that plague security.
Next-Gen SOC Alliance
The alliance features Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic integrations with the VMware Carbon Black Cloud to deliver key XDR capabilities and context into SIEM technologies that power the modern-day SOC. Equally important, the combined solutions will be able to take advantage of VMware’s Intrinsic Security framework and enable SOC teams to:
- Leverage the VMware fabric – doing away with many of agents and appliances SOCs would normally deploy for visibility, prevention, detection, and response.
- Gain far richer context about the infrastructure and applications being protected.
- Operationalize more of security with (and through) IT via Carbon Black integrations with VMware management consoles.
Other key benefits from the Next-Gen SOC Alliance include:
- Centralized security context, which enables organizations to detect, analyze and respond to data in a unified SIEM at machine speed.
- Automation and orchestration tools that combine with XDR capabilities to allow SOCs to scale and standardize their investigation and response processes.
- Actionable answers to large-scale queries and remote remediation from within Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic platforms.
“The Next-Gen SOC Alliance brings a critical mass of XDR context and capabilities to SOCs in a fully intrinsic way – one that can uniquely leverage the VMware fabric,” said Tom Barsi, Vice President of Alliances for VMware Carbon Black. “In partnership with the industry’s leading SIEM/SOAR players, we’re setting a strong vision for the modern SOC and delivering unprecedented visibility and remediation capabilities across endpoints, networks, workloads, and containers.”