SecureWorks Corp., a leading global cybersecurity company that keeps organisations safe in a digitally connected world, is developing a new managed solution that leverages VMware AppDefense™ technology to protect applications running on VMware vSphere®-based virtualised and cloud environments.
The new service will be part of the SecureWorks Cloud Guardian™ portfolio and will deliver security detection, validation and response capabilities across a client’s virtual environment. This solution will leverage SecureWorks’ global Threat Intelligence, and will enable organisations to hand off the challenge of developing, tuning and enforcing the security policies that protect their virtual environments to a team of experts with nearly two decades of experience in cybersecurity.
AppDefense will further enhance the SecureWorks’ machine learning horsepower. AppDefense uses the vSphere hypervisor to monitor provisioning events and learn about the normal behaviour of an application. With this authoritative knowledge of the application’s intended state, AppDefense will monitor the application in real time to check for deviations from a baseline policy, which may indicate a security threat. Leveraging AppDefense will allow clients to apply policies that enforce a ‘least privilege’ security model, and SecureWorks’ Counter Threat Platform™ (CTP) will identify the criticality of any deviations from the intended application behaviour and help stop abnormal behaviour that could disrupt data centre operations.
“SecureWorks’ new solution leveraging AppDefense will bring the power of our CTP to clients to enable faster detection and response to security events across virtualized environments,” said Matt Eberhart, Vice President of Global Product Management at SecureWorks. “AppDefense will enable SecureWorks to orchestrate security policy, detection, and response quickly to stay ahead of threat actors and will empower IT and business teams to meet their goals while feeling confident in their security defences.”
This new solution will deliver the security transformation organisations need to compete in the digitally connected world. Leveraging AppDefense, SecureWorks is able to properly respond to a threat, whether that be blocking malicious behaviour, quarantining the application or taking a snapshot of the virtual machine. In addition, the technology’s runtime learning and behavioural modelling capabilities make tuning policies smarter and more efficient over time.
When AppDefense detects suspicious behaviour, the CTP will perform additional investigation and then send security events of interest to one of SecureWorks’ global Security Operations Centers. The CTP combines machine learning and analytics capabilities with up-to-the-minute threat intelligence and is backed by the expertise and insight of the company’s Counter Threat Unit TM (CTU) research team. Together, this mix of human and machine intelligence will enable organisations to effectively detect, validate, contain and eradicate the cyberthreats facing them today.
“We are excited to be working with SecureWorks, such an experienced security provider with extensive knowledge of the threat landscape,” said Tom Corn, Senior Vice President, Security Products, VMware. “Bringing together SecureWorks’ solution and VMware AppDefense will deliver a new level of protection for critical applications. The ability to lock down applications, combined with richer context for investigations and automated response mechanisms, will shrink the attack surface and reduce the time to respond.”
AppDefense requires VMware vSphere® 6.5 or higher. The SecureWorks solution is slated to be available in fiscal year 2018.
Click below to share this article