vArmour Named a 2019 Distinguished Vendor by TAG Cyber Security

We are proud to announce that TAG Cyber Security has selected vArmour as a Distinguished Vendor in the 2019 TAG Cyber Security Annual. We are honored to be included in this exclusive list, validating our approach to hybrid-cloud security through simplified application discovery, advanced policy computation, and scalable enforcement.

Led by industry veteran Dr. Edward G. Amoroso, TAG Cyber has been providing enterprise cyber security professionals with trusted guidance on roughly 2000 security vendors in its Annual for the last three years. From this list, roughly 50 leading cyber security technology companies are identified as TAG Cyber Distinguished Vendors that TAG believes have groundbreaking security solutions that are truly worth additional time and consideration.

To dive deeper into the enterprise security challenges that vArmour is addressing, Dr. Amoroso interviews our very own Chief Technology Officer, Marc Woolward in Volume 2 of this year’s Annual. This insightful interview is included below, and the full 2019 TAG Cyber Security Annual can be download at www.tag-cyber.com.

Ed Amoroso: Do most organizations recognize the changes occurring to their perimeter?

Marc Woolward: By this point, a large proportion of Enterprises have recognized the business advantage of multicloud architectures to their business and determined that the traditional ‘security perimeter’ is no longer relevant in protecting such environments. Not only do these static architectures impede the agility required but they also fail to protect applications deployed across the multicloud, and certainly no longer provide the level of visibility and control needed to defeat attempts at lateral traversal associated with Advanced Persistent Threats (APTs) and Advanced Targeted Threats (ATTs), particularly now we see nation state-developed malware in the hands of criminal hacker groups.

EA: How do CISO teams best address the challenge of virtualized enterprise security?

MW: We are now seeing Enterprises thinking strategically about securing their multicloud applications, of which their ‘on-premise’ virtualized estate is a part but which also includes PaaS and public cloud IaaS. Any solution addressing just the virtualized or the containerized environment, is going to add security complexity to the complexities associated with heterogeneous cloud environments. Clearly security controls need to encompass applications wherever they execute, and provide consistent levels of protection, but more importantly enterprise security teams need the tooling to allow them to manage security risk through the application lifecycle across the multicloud. They need the tools to understand their applications wherever they execute, assessing the risks and computing the requirements to protect them.

EA: How does the vArmour platform work?

MW: vArmour provides our customers with the visibility and computed policies to secure their applications wherever they are deployed. Our Application controller ingests telemetry and metadata to produce application models which can be turned into validated, measured policies. Our sensors collect l7 application telemetry and allow security policies to be enforced in the environments without native controls or telemetry.

EA: Can teams easily orchestrate policy across multiple platform instances?

MW: Yes. The application controller provides a consistent pane of glass from which to secure applications and abstracts the differences within each of the public cloud environments, virtualized and physical on-premise deployments, and containers wherever they may be deployed.

EA: What prediction do you have in this important area of enterprise security?

MW: Securing applications from today’s nation-state class attacks across heterogeneous multiclouds can be complex, and any solution that is itself complex will make the problem worse since complexity is the enemy of security. We are focused on driving application security towards an autonomic, self-securing model based upon a data driven approach. We believe that although Data Science techniques have been applied broadly to reactive threat detection and response, they are particularly suited to the automation of proactive policies which provide application security proactively, reducing the need for response.