News

VMware Lays Out Plan for Integrating Carbon Black

• By Scott Bekker
• 08/27/2019

VMware already has extensive plans for repurposing Carbon Black's technology to improve security in vSphere, Workspace ONE, NSX and other products over the next few years.

VMware's Sanjay Poonen shared the roadmap as the big finale of VMworld's kickoff keynote in San Francisco on Monday. The level of detail that VMware's chief operating officer for customer operations provided was unusual given that the $2.1 billion deal for VMware to buy Carbon Black was announced just four days earlier and may not close until January.

Waltham, Mass.-based Carbon Black describes itself as a cloud-native endpoint protection provider with 5,600 global customers and 500 partners.

Describing the appeal to VMware of Carbon Black's technology, especially its CB Predictive Security Cloud, Poonen called out three core characteristics. "It's an AI-powered data lake; number two, it's a very smart, lightweight agent; and number three, the whole architecture is cloud-native and multi-tenant," he said.

Those characteristics will lend themselves quickly to a number of modules that VMware will begin packaging post-launch, Poonen said. On a presentation slide, he showed nine security modules that VMware would release as a family, some from VMware's existing technology and some from Carbon Black-related technologies. They were Endpoint Detection Response, Next-Gen Antivirus, Device Control, Rogue Device Detection, App Defense, Vulnerability Management, Audit and Remediation, Compliance Reporting, and Managed Detection.

Poonen placed longer-term integrations between the companies' technologies into four main buckets. For workload security, VMware wants to pair vSphere with Carbon Black to provide agentless app defense on the server.

Another bucket is workspace security, pairing Carbon Black and Workspace ONE. "One solves endpoint management, the other one solves endpoint security. And I had CIOs come to me and say, 'Listen, I use [Workspace ONE] and then I use Carbon Black with some other [tool]. Why aren't these coming from one company?'" Poonen said. "No problem, we'll make that happen, pending close."

The third bucket is network threat analytics, where VMware will take Carbon Black's core capabilities and embed them inside NSX for threat analytics. The final integration plan, for now, is to pair Carbon Black with VMware's Secure State, which was released this summer based on the acquisition of CloudCoreo in early 2018. The plan with that integration is to improve configuration security in multicloud scenarios.