VMware To Create Security Business Unit Post-Carbon Black Buy

VMware has signaled it plans to create a dedicated cloud security business unit in the wake of agreeing this week to acquire Carbon Black, a provider of an endpoint security service based on machine learning algorithms and Big Data analytics, for $2.1 billion.

During a call with industry analysts, VMware CEO Pat Gelsinger disclosed plans to build a VMware cloud security platform that includes technologies VMware currently delivers within its AppDefense, Workspace ONE, NSX and SecureState offerings in addition to the cloud services provided by Carbon Black.

DevOps Connect:DevSecOps @ RSAC 2022

As part of that effort, Gelsinger promised to integrate Carbon Black with VMware NSX, a network virtualization overlay, and VMware Secure State, a real-time security and configuration monitoring service. Carbon Black already has a technology alliance in place that integrates its service with AppDefense, a zero-trust cybersecurity framework layered on top of NSX, and the VMware vSphere platform. Gelsinger also noted that 30% of all NSX-related sales being made today involve cybersecurity use cases.

Gelsinger said that as a unit of Dell Technologies, VMware will be able to leverage both its own desktop virtualization software and the relationship with Dell to deliver endpoint security services. Dell also owns Dell SecureWorks, an IT cybersecurity services provider.

One of the attributes of Carbon Black Gelsinger cited that will play a larger role is its lightweight agent software, which Gelsinger said will reduce “bloatware” on endpoints. However, the agent is not limited to endpoints, as evidenced by its integration with VMware vSphere, he noted.

VMware disclosed that the Carbon Black service has 5,600 customers and the company has more than 500 partners globally. The Carbon Black service is leveraging machine learning algorithms to thwart more than 1 million cyberattacks per day, Gelsinger said.

In general, Gelsinger reiterated his view that cybersecurity is fundamentally broken—there are too many cybersecurity products and services for organizations to implement a comprehensive cybersecurity strategy effectively. VMware views acquiring Carbon Black as an opportunity to disrupt the cybersecurity market at a time when organizations are paying too much for cybersecurity products that don’t deliver enough value, Gelsinger said, noting that too much time is spent trying to remediate vulnerabilities after they have been discovered instead of preventing attacks from occurring in the first place. That issue has become more pressing as organizations embark on digital transformation initiatives that depend mainly on cloud-native technologies, he said.

It’s unclear to what degree the acquisition of Carbon Black will serve as a catalyst for consolidation across the security sector at a time when the number of cybersecurity platforms providers has never been greater. Chances are good VMware may need to build and acquire additional machine learning-infused products and services to force that issue. In the meantime, it’s clear that at the very least, the number of cybersecurity technologies and services any organization can license from one vendor will increase. Less clear is whether the number of products and services that will need to be implemented will be reduced.

Michael Vizard

Featured eBook
Managing the AppSec Toolstack

Managing the AppSec Toolstack

The best cybersecurity defense is always applied in layers—if one line of defense fails, the next should be able to thwart an attack, and so on. Now that DevOps teams are taking  more responsibility for application security by embracing DevSecOps processes, that same philosophy applies to security controls. The challenge many organizations are facing now ... Read More
Security Boulevard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 434 posts and counting.See all posts by mike-vizard