VMware's New Project Trinidad Addresses API Security and Analytics

During this week's big VMware Explore conference, the company announced a tech preview of Project Trinidad, an API security and analytics platform.

VMware said it extends the company's API security and analytics via the deployment of sensors on Kubernetes clusters, while using machine learning with business logic inference to detect anomalous behavior in east-west traffic between microservices, listing these highlights:

  • Take immediate action on anomalies and zero-day attacks in modern applications
  • Model normal application behavior, and detect and predict anomalous behavior
  • Zero instrumentation required for deployment

It focuses on APIs because VMware believes they are at the center of a tech evolution marked by enterprise digital transformations and application modernization, deemed critical to business success.

[Figure: Project Trinidad (source: VMware).]

"Project Trinidad is unique in its ability to merge security and observability," VMware said in an Aug. 31 blog post. "By creating a tool that makes modern applications observable beyond the human eye, we enable corrective action in the event of a subtle attack where network traffic might otherwise look normal. Likewise, Project Trinidad's ease of onboarding means customers can start using those insights quickly. With today's ever-increasing data breaches, this level of observability and agility is vital."

It comes as a Software-as-a-Service (SaaS) product, with a self-hosted option that lets organizations deploy it on their own infrastructure.

In explaining why the company launched the project, VMware said: "Modern applications are increasingly under attack. Traditional, perimeter-based solutions alone are not sufficient to protect against these subtle threats that leverage the complexity of distributed systems, such as microservices architectures. For example, the Heartbleed vulnerability yielded network traffic that looked normal to the human eye while exploited. Threats like this necessitate a set of tools to properly secure this attack surface."

Project Trinidad is just one of many offerings unveiled at VMware Explore that address multi-cloud networking and security, including:

  • Project Northstar for multi-cloud networking, security and end-to-end visibility
  • Expansion of network detection and visibility to the Carbon Black Cloud endpoint protection platform, with early access available now
  • Project Watch, a new approach to multi-cloud networking and security that provides advanced app-to-app policy controls

"The growth in laterally moving threats requires security teams to pay closer attention to east-west network traffic," the company said. "Examining traffic through network taps is no longer sufficient. Modern distributed cloud architectures can further exacerbate blind spots. VMware's architecture allows customers to see processes running in an endpoint, packets crossing the network, access points, and the inner workings of both traditional and modern apps to identify and stop threats others can't."

About the Author

David Ramel is an editor and writer for Converge360.
