VMware must have found a pot of gold under the end of the rainbow recently, they have been splashing the cash again, their latest acquisition is yet another addition to their Network and security business unit. Lastline is a startup company that is known for its anti-malware and artificial intelligence (AI) powered network detection and response product.
VMware acquired security firm Lastline to add a network detection and response (NDR) component to VMware’s NSX architecture and Carbon Black security platforms.
Lastline’s secret sauce is the fact that it looks at each and every instruction that an identified Malware executes and works out through its learning algorithms how to block further iterations of malware.
Tom Gillis SVP and GM of VMware NSBU in a recent blog post:
Lastline’s system detects twice the number of malicious files as a signature-based system. The Lastline system uses machine learning that recognizes essential elements of an attack, unlike the narrow signature-based systems that miss the many variants an attacker may use.
He further noted that the Lastline system utilizes a different paradigm from traditional anomaly detection systems that treat “every outlier as bad, thereby delivering too in many false-positive results. Lastline, through its learning behavior algorithms, can leverage a deep understanding of malicious behaviors, thereby, flagging clear anomalous activity such as east-west movements, unexpected command and control activity, and data exfiltration.” Gillis added that Lastline “detonates more than 5 million file samples daily.”
Lastline, even though an obvious security play will be folded into VMware’s NSX team. It will also join with VMware’s Carbon Black Threat Analysis Unit to bolster the vendor’s security offerings.
Gillis stated that “This broad context will enable very high-fidelity security decisions, and be operationally simple to deploy, allowing us to bring intrinsic security to the enterprise at scale.”
VMware as a company has been rapidly ramping up its security posture to push an intrinsic security angle over the past year. According to Gillis during an earlier press briefing and by association VMware considers that
“Intrinsic security doesn’t just mean it’s built-in, it means it’s built differently, when we talk about intrinsic security, we focus on security that we can implement because we have an intrinsic advantage or capability with our [virtualization] platform, and that’s what’s different and unique.”
The acquisition of Lastline comes less than a month after VMware acquired Kubernetes-focused security startup Octarine. The Silicon Valley-based company provides visibility into cloud-native workloads and also integrates into the DevOps process to analyze application risks at time of build, before they are deployed into production.
As seems to be the norm for tech acquisitions recently the Financial terms of the deal have nor been released, but Lastline had raised more than $52 million in funding since its founding in 2012. Its latest was a $28.5 million Series C led by Thomvest Ventures in 2017.
What we think
VMware has been quietly building a mini-empire in the security arena starting with their initial product release of AppDefense in 2017 which was initially a collaboration with Carbon Black the company they later acquired for a cool $2.1B
VMware has spent billions of dollars to bolster its security posture. It launched its initial standalone security product, AppDefense, in 2017. Further acquisitions brought Secure State a multi-cloud security play based on technology that the CloudCoreo purchase brought with them and as already stated Octarine acquisition which gives them a Kubernetes and container presence, this incidentally dovetails in their overall business posture regarding the rewrite of vSphere to make Containers first-class citizens. As a result and a briefing earlier this year VMware COO Sanjay Poonen said since the Carbon Black acquisition, VMware is now a $1 billion security business. Not a bad run-rate for a division that effectively did not exist prior to 2017. True that had dabbled in security vShield and Cloud and Network Security, these were good products for their time, but historically they have always appeared to be bolt-on functions rather than an integrated holistic solution.
VMware’s current move into the market seems much more result-driven with a play for new and emerging markets, rather than an attempt to bolster their current customer profile. This is one of the major success points for Gelsigner during is time a CEO. He has moved VMware from being a one-trick pony with vSphere and a perception of being past their prime. To a company that keeps innovating and actively attacking markets in the back yards of their former competitors VMware on AWS, Horizon on Azure, and the recent release of VMware on Google all attest to a very joined-up strategy and has kept VMware very relevant. Adding security to the mix is a very valid approach, but this time they have got the balance correct.