As mobile has taken the lead in enabling enterprise user productivity, it has also become a prime focus for hackers. This reflects the reality that mobile endpoints have all the same access to corporate network resources and data as traditional endpoints and they are critical to Zero Trust/two-factor authentication efforts. Historically, the difference between mobile and traditional endpoints has been that mobile endpoints have been woefully under-protected and relegated to the position of security afterthought.
Until now. As Zimperium’s CEO, Shridhar Mittal, recently shared, leading Global 1000 security executives no longer consider mobile “the forgotten endpoint.” These leaders are demanding the integration of mobile and traditional threat data from best of breed solutions for each platform into one unified endpoint security (UES) framework and view.
VMware and Zimperium have been helping define the UES market together, and we’re pleased to announce the general availability of the combined power of VMware Workspace ONE Intelligence’s Analytics and Orchestration capabilities and the unique on-device, machine learning-based mobile endpoint security from Zimperium. This further enhances Zimperium’s integration with VMware Workspace ONE and delivers numerous innovative advantages for enterprise customers.
“We live in a world in which remote work is the new norm,” said Steve DeJarnett, Director of Product Management at VMware. “This integration between VMware and Zimperium via our Trust Network Partnership is going to enable our joint customers to manage and secure all those remote devices with ease.”
Extending beyond a long-standing UEM/MTD relationship
VMware Workspace ONE UEM (originally known as AirWatch) was one of the first UEM solutions ever integrated with our leading mobile threat defense (MTD) solution, zIPS. zIPS is the only MTD solution to deliver on-device machine learning-based protection against device, network, phishing and malicious app attacks without any impacts to user privacy. In addition to attacks, zIPS also provides significant data to help organizations identify risks and vulnerabilities such as outdated operating systems, security and privacy risks in installed apps and risky/unsecured networks. zIPS integrates seamlessly with VMware Workspace ONE UEM solution to provide mobile device endpoint protection and management. Zimperium’s integration with Workspace ONE Intelligence enables advanced threat monitoring and forensics to provide customers with a comprehensive mobile security solution.
The benefits of this partnership extend beyond enabling complete mobile device visibility and protection. Organizations need a unified ability to not only manage, but also to secure all endpoints. To that end, Zimperium continues to partner with VMware to help drive the emergence of UES.
Meeting UES Requirement #1:
Detecting and preventing advanced threats on all endpoints
An effective UES solution must meet two foundational requirements. One is the ability to detect and prevent risks and threats on all endpoints. The other is the ability to provide visibility, correlation and threat hunting across all endpoints and networks.
VMware and Zimperium not only meet the first requirement, our individual solutions are establishing the standards upon which other UES collaborations must be compared. VMware Carbon Black and Zimperium enable security teams to respond and remediate threats in real time, stopping active attacks and repairing damage quickly, across all enterprise endpoints, e.g.,
- Traditional Endpoints: VMware Carbon Black’s next-generation endpoint protection platform fights attacks on traditional endpoints by making it easier to analyze system events to understand what is normal in an environment, thereby preventing attackers from abusing legitimate tools.
- Mobile Endpoints: Compared to other MTD solutions (and unlike the nascent technology projects of some traditional endpoint protection companies), zIPS is the most enterprise-capable and privacy-protecting MTD solution and is the only MTD solution that detects both known and unknown mobile device, network, phishing and malicious apps attacks using an on-device using a machine learning-based engine.
Achieving UES Requirement #2:
Enabling overarching visibility, correlation & threat hunting across all endpoints
The second requirement is the lynchpin to the “U” in Unified Endpoint Security. Without an ability to view, correlate, threat hunt across all endpoints, security teams will not have a unified view or ability to create automated responses/remediations.
As a next generation SIEM and early entrant into what Gartner refers to as Extended Detection & Response (XDR) (“Top Security and Risk Management Trends, 27 February 2020, ID: G00466211), VMware Workspace ONE Intelligence is a service for Workspace ONE environments to help make data-driven decisions from a unique source of truth. By aggregating, analyzing, and correlating device, application, and user data across all endpoints, VMware Workspace ONE Intelligence delivers:
- Integrated Insights: Data-driven decisions from consolidated data / forensics;
- Powerful Automation: Agility and orchestration based on the data; and
- Risk-based Security: Continuous verification enabling zero trust.
For mobile endpoints, Zimperium provides detailed mobile threat data directly into VMware Workspace ONE Intelligence through Zimperium’s leveraging of VMware’s API.
Automated remediations / reactions is what separates next-generation SIEMs / XDR platforms from their data-focused predecessors. Using group-based policies, Workspace ONE Intelligence automations (e.g., remediations, user notifications) are created for specific mobile threats detected by Zimperium.
Threat intelligence sharing is required to lower overall enterprise risk and for orchestration across multiple products to enable and protect Zero Trust / 2FA initiatives. In that vein, a crucial capability that enables Zimperium and VMware to provide best-in-class UES today is the integration of all threat data from Zimperium and VMware Carbon Black directly into Workspace ONE Intelligence.
Zimperium shares the mobile threat and risk information that zIPS gathers on-device in real-time through the API with Workspace ONE Intelligence and the data is visualized in a Workspace ONE Intelligence dashboard. When combined with the VMware Carbon Black data/dashboard, cross-endpoint threat intelligence sharing is delivered.
For example, if zIPS detects that a mobile endpoint is on a malicious network, Workspace ONE Intelligence could take actions to limit access from the user’s laptop that is on the same network. When not only information is shared, but cross-endpoint actions are enabled, the vision of UES truly begins to become a reality.
In our on-demand webinar, VMware’s Director of Product Management for Workspace ONE Intelligence and Zimperium’s Chief Technology Officer get together to demonstrate and talk about:
- Integrating mobile and traditional endpoint threat data from Zimperium and Carbon Black into Workspace ONE Intelligence;
- Achieving overarching visibility, correlation & threat hunting across all endpoints;
- Utilizing Workspace ONE Intelligence automations (e.g., remediations, user notifications) to enable cross-endpoint actions.
With years of successfully protecting enterprises around the world together, VMware and Zimperium are here to help organizations protect both traditional and mobile endpoints. If you’d like to learn more about the way Zimperium and VMware can help you unify endpoint management and security, don’t hesitate to contact us.