What AppDefense Does
In contrast to traditional security solutions which focus on chasing threats, VMware AppDefense leverages its position in the hypervisor to learn and verify the intended state of an application and respond immediately to deviations from that state. The result is a common source of truth for IT and security teams, making it easy for them to collaborate around compliance, security incident investigation and incident response.
Understand Intended State of Application
From inside the vSphere hypervisor, AppDefense has an authoritative understanding of how data center endpoints are meant to behave and is the first to know when changes are made. This contextual intelligence removes the guesswork involved in determining which changes are legitimate and which are real threats.
Respond Automatically with Precision
When a threat is detected, AppDefense uses vSphere and VMware NSX Data Center to automate the correct response. AppDefense can automatically:
- Block process communication
- Snapshot an endpoint for forensic analysis
- Suspend or shut down the endpoint
Protect the Protector
Because AppDefense is installed in the vSphere hypervisor, it has an isolated, protected environment from which to continually monitor data center endpoints. This reduces the chance of AppDefense itself being compromised.