VMware Carbon Black Cloud Workload Protection provides vulnerability assessment and inventory management for workloads hosted on vSphere. The VMware Carbon Black Cloud Workload Protection vulnerability solution provides shared information on vulnerabilities that is available in Carbon Black Cloud as well as in the native vCenter administration client.
Workload Protection is offered in different packages to suit your organization’s needs
Prevention and threat-hunting capabilities can be extended beyond vSphere workloads to your endpoints (desktops, laptops, servers, VMs, etc.).
In this walkthrough we are going to cover our workload solution and integration with vCenter. By following a simple methodology of identifying risk, then preventing that risk and lastly detecting and responding to that risk as shown in the image.
We will start by identifying a high severity exploitable vulnerability that has been categorized by our Risk Score. This score is a metric that accurately represents the risk of a given vulnerability in your data center (the actual exploitability of the CVE). It does so by combining CVSS information with proprietary threat data and advanced modeling from Kenna Security.
Once we Identify the exploit and its severity level, we will then show how that exploit was leveraged to compromise the machines in our environment. We will then show how we can prevent this attack as well as how we can detect and respond to these types of attacks with Carbon Black Workload Protection.