VMware and Carbon Black: you complete me, no you complete me
Virtzilla's App Defence and CB's endpoint protection combine for whitelist-fest
VMware and Carbon Black have joined forces to enhance each other's security wares.
Virtzilla is a recent entrant to the security market with its App Defence product that basically creates a whitelist of the things it expects to see in a VM. If something else appears, App Defence assumes it deserves the very lowest level of privilege and isolates it to prevent wide damage.
Carbon Black's Cb Defence does something similar: it monitors applications and processes on endpoints for anything that suggests they're being asked to do something out of the ordinary. This approach, rather than looking for specific malware signatures, is designed to help detect known good software that's been subverted with attacks on application logic or other non-malware attempts at compromise.
VMware told The Register that it's realised App Defence needed Cb Defence to cover all threats, because its least-privelige approach struggled to deliver when a VM didn't violate its whitelist but had been attacked. Carbon Black told us it wants to work with the automated responses that App Defence can initiate by using other products in the VMware portfolio, such as isolating a VM that looks a bit off with a micro-segmented network.
The two have therefore pledged to do joint integration work and have also created a joint solution that each will sell.
VMware's security supremo Tom Corn told El Reg the company's still looking for other complementary security partners to improve App Defence's powers and prospects, but can't yet say when that will happen.
The bundle will go on sale before February 2018. ®