Broadcom today updated its VMware vDefend platform to add additional security intelligence capabilities along with a streamlined ability to micro-segment networks using code to programmatically deploy virtual firewalls.
Additionally, Broadcom has made it simpler to deploy and scale out the Security Services Platform (SSP) it uses to provide a data lake for collecting telemetry data for its cybersecurity tools.
Finally, the network detection and response (NDR) capability of VMware vDefend can now update threat intelligence without being connected to an external network.
Umesh Mahajan, vice president and general manager for the Application Networking and Security Division of Broadcom, said these additions extend the ability to tightly integrate security with the hypervisor, networking and storage services that are at the core of the VMware Cloud Foundation (VCF) platform.
For example, the security segmentation and assessment capability being added to the security intelligence tool that is incorporated in VMware vDefend provides real-time visibility into application environments that can be used to identify security gaps created by insecure network protocols or inappropriate application communication.
Rather than relying on a third-party cybersecurity framework, Broadcom is making a case for a VMware vDefend platform that is more application aware because of the level of integration with the VMware hypervisor. That approach makes it feasible to secure east-west traffic in a data center in a way that, in the event of a breach, should keep the blast radius as limited as possible, said Mahajan.
It’s not quite clear which teams in larger IT environments are assuming responsibility for securing IT platforms. Historically, security operations (SecOps) teams have been responsible, but as capabilities such as VMware vDefend are integrated into platforms such as VCF, more responsibility for SecOps is being assumed by either IT operations or DevSecOps teams.
At the same time, however, many organizations have multiple platforms and may require a more heterogenous approach to securing them.
The one thing that is certain is that relying solely on network firewalls is no longer sufficient. A more layered approach is needed to not only prevent as many breaches as possible to prevent, for example, malware from moving laterally across an organization at a time when most cybersecurity teams are under an immense amount of pressure, said Mahajan.
Unfortunately, the amount of malware being created is only going to exponentially increase thanks to the rise of generative artificial intelligence (AI) tools that make it simpler than ever to write code. Cybercriminals these days are already embracing these tools to not only generate code, but also to more easily identify vulnerabilities they can exploit in the code running in production environments. The challenge, of course, is finding ways to thwart those attacks without increasing costs to the point where cybersecurity becomes unsustainable.
Hopefully, there will soon come a day when AI is also being widely used to make it simpler to defend IT environments but, in the meantime, IT organizations should expect the current state of cybersecurity to worsen before AI helps level what today is a decidedly uneven playing field.
