It’s no secret that security in the enterprise continues to be challenging in today’s world. One primary factor behind this is the difficulty involved in orchestrating communication amongst the many tools being used in the enterprise to protect endpoints and provide quick detection and response. Organizations are leveraging countless tools to try to minimize their attack surface, and this ends up creating silos that are difficult to manage and hindering collaboration across teams.
Organizations can help address this challenge by exploring a platform approach versus using single tools within siloes. VMware Workspace ONE® as a platform combines powerful integration across layers in a digital workspace, including Access Management, Unified Endpoint Management (UEM), Analytics, Desktop and Application Virtualization, and now with our recent acquisition, endpoint security using VMware Carbon Black. Let’s take a deeper look at how this can help both IT and InfoSec teams.
The VMware Carbon Black Cloud™ is a cloud-native endpoint protection platform (EPP) that combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay, using a single lightweight agent and an easy-to-use console. VMware Workspace ONE® UEM enables IT administrators to manage over-the-air security policies, patches, applications, and more on devices.
Adding VMware Carbon Black into the mix creates a new level of endpoint protection, and Workspace ONE Intelligence glues it all together with automation capabilities that can act on threat insights. The integration of Workspace ONE UEM, Workspace ONE® Intelligence™, and Carbon Black Cloud enables powerful security orchestration to achieve rapid remediation, minimize risks associated with attacks, and help simplify security by removing silos.
Check out the new Technical Overview video that shows how these technologies seamlessly work together to protect a device under attack and achieve the following:
Deployment of Carbon Black Cloud Sensor across all managed Windows and macOS devices to ensure they are protected.
Immediate initiation of a remediation action, such as quarantining a device to isolate it from the corporate network and external communication.
Bringing the InfoSec teams up to speed with key information about the threat and device under attack.
Providing quick investigation and access to impacted devices, even when in quarantine.
Communication across teams such as notifying the UEM administrator that a device is isolated because of an attack and will not check-in until the investigation is finalized.
To adopt this integration in your environment, check out the new Workspace ONE Intelligence and VMware Carbon Black Cloud: VMware Workspace ONE Operational Tutorial.
This is just the start of what can be achieved today with our integration for better orchestration. Stay tuned for even more to come!