SAN FRANCISCO—There has been a prevailing notion in the cyber-security industry that attackers have the advantage. According to Tom Corn, senior vice president and general manager of security products at VMware, that doesn’t have to be the case.
Corn detailed his view in a session at the RSA Conference here this week and provided more insights in a video interview with eWEEK. In Corn’s view, defenders should have the “home court advantage” because they should have more familiarity with what IT assets and controls they have in place.
“What you can have an advantage with is understanding your applications and data and how they use the infrastructure and use that to have better posture and much better hygiene,” he said.
Corn noted, however, that not all organizations know how their infrastructure is used or have the ability to fully control it. For those that do, he suggests a least privilege model, where only the privileges and ports required to execute necessary tasks are used.
Using a combination of virtualization and the cloud, Corn suggests that organizations can improve their visibility in order to retake the home court advantage against attackers.
VMware already has a product in the market—AppDefense, which it announced last August at the VMworld 2017 event—that provides security introspection and control. At RSA Conference 2018, VMware announced that it is extending AppDefense to also protect container-based environments as well as traditional virtualization.
Corn said VMware is using the hypervisor as a special position in the application delivery stack to be able to understand what is running on a system so that it can be monitored and protected.
Watch the full video interview with Corn above.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.