Today, VMware announced the public beta of a new service VMware Secure State, focused on cloud configuration security and compliance. This service is a part of VMware’s continued efforts to offer its customers a rich set of services to operate, scale and secure their infrastructure and applications across multiple public cloud providers.
Configuration – A Key Pillar of Public Cloud Security
Security for applications in the native cloud are composed of hundreds of configuration parameters. Making sure applications and cloud services supporting those applications are properly configured and secured, even as the speed of development and deployment increases and as organizations deploy across heterogeneous public clouds, is essential to protecting corporate data and information. Each organization must take responsibility and continuously monitor their environment to ensure their infrastructure, applications and data remain in a secure state.
Today, customers have a choice of several solutions focused on helping secure their cloud workloads. By-in-large, these existing configuration security solutions provide a relatively silo’d and reactive approach to cloud security, relying on simple service checks and periodic scans to find issues across a vast and dynamic landscape of cloud resources. We think there’s a better way.
Why VMware Secure State?
VMware Secure State provides a fresh take on cloud security monitoring with the goal of enabling a new level of insight and speed to help companies more efficiently mitigate cloud risk.
The VMware Secure State service builds a real-time model of your cloud infrastructure, mapping the relationships of how services are configured and changed to find new vulnerabilities across service layers.
Deeper Cloud Insights — While detecting open data bucket vulnerabilities and doing best practice configuration checks is important, there is a new layer of cross-service vulnerabilities that exist in every cloud account. It’s as easy as someone spinning up a server with the same SSH key they used on your AWS Admin account. As cloud usage grows, a solution must move beyond detecting simple configuration conditions to find this emerging class of cross-service threats.
We’ll talk more about both cloud security best practices and give examples of other “connected threats” as we move forward.
Real-time Detection and Change Modeling – It’s our belief that the faster you can detect an issue and route it to the right place, the lower it will cost to fix that issue. Imagine getting a notification for a mistake you made just a few moments ago. As a cloud deployer, getting this insight within the context of your deployment, allows you to quickly correct or validate your setup.
VMware Secure State can understand the changes made to an environment and use those changes to revalidate critical security configurations. In a dynamic cloud infrastructure, where changes are being made continually, it’s hard to really find those unintended side effects of a discrete change.
AWS and Azure Security Teams Seeking Beta Access
We’d love to partner with you, our customers, to continue to raise the bar for cross cloud security. Initially, VMware Secure State supports both AWS and Azure environments. If you are interested in learning more about VMware Secure State or would like to get your hands on the beta service, send me an email at email@example.com.
Learn more at VMworld
Coming to VMworld US? Get a deeper-dive into VMware Secure State in my session on introduction to cloud configuration security and governance in AWS and Azure at 12:30 PST on Monday, August 27th, 2018.