VMware aims to improve security visibility with new services

VMware on Tuesday introduced new security enhancements to improve customer visibility and limit lateral movement.

The announcements were made as part of VMware Explore 2022, VMware's flagship conference in San Francisco. Several VMware security offerings, such as Project Trinidad, Project Watch and Project Northstar, are intended to give increased visibility to customers.

Project Trinidad is a new monitoring service that deploys sensors on Kubernetes clusters to detect abnormal behavior in microservice-based east-west traffic. The service is currently in technology preview and detects suspicious activity via "machine learning with business logic inference," according to the company's press preview.

Also in technology preview was Project Watch, which is a service that provides inter-application policy controls. In a press pre-briefing, VMware senior vice president and general manager Tom Gillis described Watch as a "next generation multi-cloud connectivity solution."

"It allows you to say, 'I want this application to connect to that application,' or it can even make its own assessment of the risk of various classes of applications," he said, adding that VMware believes the risk-based system is "the future of security."

In addition, VMware announced it was embedding network detection and visibility features into Carbon Black Cloud's endpoint protection platform. Specifically, VMware added extended detection and response telemetry to the platform for endpoints to provide additional visibility for organizations. The enhancement is now available in early access to select customers.

The company also introduced Project Northstar, a set of new security enhancements coming to virtualization platform VMware NSX. Northstar includes end-to-end threat detection and response capabilities, among others, for private cloud environments and VMware Cloud instances.

These visibility enhancements are only the latest of their kind coming from VMware. The virtualization giant launched its threat intelligence cloud Contexa in June. At the time, Gillis said the point of Contexa was to offer comprehensive visibility at the access point, endpoint and network levels.

Asked whether VMware was currently pushing for increased visibility as an initiative of sorts, Gillis responded in the affirmative. "We're bringing together the visibility and detection capabilities we have across our portfolio, and our inherent understanding of the inner workings of applications and networks, to help customers' cloud environments," he told SearchSecurity in an email.

Along with improving security visibility and east-west traffic monitoring, VMware is tackling ransomware with a new disaster recovery offering. VMware Ransomware Recovery for VMware Cloud DR uses "an on-demand isolated recovery environment" in VMware Cloud on AWS to provide ransomware victims a stable recovery process that prevents any re-infection of data or workloads.

Alexander Culafi is a writer, journalist and podcaster based in Boston.