During this podcast, VMware partners heard from VMware's Damon Cabanillas, VP of Sales.
Speaker 1: On behalf of VMware and Carahsoft, we would like to welcome you to today's podcast, protecting your customers’ apps and data with VMware and intrinsic solutions. Today's speaker is Damon Cabanillas.
Damon Cabanillas: Great, thank you very much, and greetings and salutations to all of our channel family out there. My name is Damon Cabanillas. I am the head of our security business unit in the US federal government in Americas. So today we're going to talk about carbon black, and the carbon black capability and portfolio within VMware. So let's get right to it. Hopefully you're aware of carbon black as a security business unit within VMware. We were acquired by VMware in August of 2019. And I'm wanting to founding members of our federal carbon black team, our company just by way of introduction, was actually born from the US federal government. So supply chain is very important at this critical inflection point in US government. And our supply chain is American. And it is us. Our actual founders came out of the NSA and the CIA. And we got our initial seed money in early 2003 from the US federal government. And over time, our solutions have grown to secure 15 million endpoints, a trillion events per day, 500 terabytes of daily analysis, artificial intelligence machine learning analysis on different threat vectors, over 20,000 customers use carbon black, by VMware today in our ecosystem is pretty immense. We have a lot of capabilities and ecosystem partners that plug into our platform, as well as who can deliver our platform either as a managed service, or as a value added reseller. As many of you out there are today. We also have an incident response channel. It's made up of organizations like Accenture, federal, like Booz Allen Hamilton, like CRO etc. And then our platform has over 350 integrations, we are built on open restful API's that permit certain forms of integration to our capabilities securely, so we can add integrations, that speed operational value for our customers, and allow our customers to get rich value out of the telemetry we collect. We are a tool that is focused on the endpoint. I'll get more into that in a minute. But we have offices all around the world. And we were a Boston based company and now obviously, our Palo Alto based company, as part of VMware. So my team, this is the team, we go to market within us federal government. Again, I am the leader of our security business unit running federal. I'm joined here by Jody Fredson, who is our channel account manager for the security business unit. And we're structured to support the alignment within the VMware sales organization in US Federal, and the federal systems integrators. So we have a sales specialists for the army and defense agencies. We have one for Air Force and the CO coms Navy, Marine Corps, national security, healthcare, civilian, and obviously the federal systems integrators. And I can't say specifically, where we're landed in some of these areas, I can say we have a good history in federal and a lot of the customers listed here, and the agencies listed here use our tools, but I will say we are used in a number of areas for threat hunting, and we're used in a number of areas to meet compliance controls, like 853, NIST 853, specifically, NIST 801 71, which applies to the federal systems integrators and CMM, NC. And we also are used to address the most recent executive order on cybersecurity, which calls out endpoint detection and response. So what we want to talk about is our capabilities that are delivered as part of VMware and as part of carbon black. But one of the things I want to point out is we are trying to simplify security. Not only do our customers in the US government faced the most advanced nation state attackers in the world, but they also face their own internal complexity, and just the silos of tools and teams, and operational tool sets that were built over the years in the government that make their job extremely complicated. That only helps the adversary unfortunately. And our role, obviously, is to try to provide better defensive cyber operational tools for our source in a simplified manner to reduce the number of sensors and tool sets, they're in production today. And the speed the time to value of these tools. In light of mode, the most recent executive order on cybersecurity where EDR, Zero Trust, multi factor authentication and other things are required, they're going to have to feel tools they already own or introduce new tools or consolidate tools into their environment. And we believe as VMware we are uniquely positioned in Critical Control Points listed here, to speed, time to value and to provide tools that integrate with the existing capabilities that are in place and to remove a number of agents envelope that were in our that are within their organization and their defensive cyber operations today. If you look at the future outlook, and, you know, our position within VMware and what our value proposition is, it's really around simplifying, speeding time to delivery with the unique control points, we can address, and providing greater situational awareness and intelligence smarter and context aware as opposed to threat specific. So we are working aggressively as an organization and VMware since we were acquired, has invested over 500 r&d heads in our security business unit, to help us build our capabilities and artificial intelligence machine learning. And our portfolio that was carbon black natively into VMware tool sets. So the platform can be used to deliver these capabilities, again, unified and context centric. And if you think about the use cases and the customer value we bring, it's early in these areas, we modernize the security operation center, we will provide and can provide today secure modern apps, as in container security. And we can secure a Tanzu and Kubernetes. In any case that's out there. We also secure cloud workloads within VMware platform natively. So our capabilities can be turned in or turned on, excuse me in vSphere. As long as you're using version Six, five or higher, and V VM Tools, you can turn on carbon black cloud, and it's running natively inside vSphere and can quickly in a very short period of time provide you endpoint detection response, and any text detection response natively within the hypervisor. We also are a toolset that is used in workspace anywhere where we can secure this most recent distributed workforce, right the number of people in the government that are working remotely now because of pandemic, the highest number ever, and I don't, I don't foresee that changing dramatically. The reliance on legacy tools like antivirus, and VPN are moving towards things like Secure Access Services edge and moving towards new tools like next gen AV, and EDR to provide greater security control, and to mitigate the surface attack layer as workers work from home not behind the network security stack that the government has. And if you look at the portfolio we bring to bear I think it's a very broad portfolio that our partners can use to add true value to the government and to help the government improve their defensive cyber operations while at the same time help our partners drive profit and growth in their business. We have one of the most, if not the most complete portfolio in the market when it comes to cybersecurity and it's only gotten better over time. We're focused specifically on Endpoint Protection and the endpoint protection platform and EDR. However, there is a very rich portfolio that when working together, will deliver any detection and response and will help our customers again, consolidate remove the risk associated with complexity, and speed time to value of these new capabilities within the government. Speaking of portfolio here is here's the portfolio as you align it to our customers’ operational function. We have tools that align to specific functional groups within the government all uniquely positioned to support specific control points, and to integrate our capabilities across these control points where we're positioned within our customers’ infrastructure, which is pretty clinical. The End User services team obviously works to feel tools like workspace one, and carbon black as an endpoint protection platform and horizon, the networking teams work to feel secure x services edge and velo cloud, SDN and NSX. And micro segmentation. The DevOps, secure ops team works to field Tanzu and Kubernetes. We work to secure those, those workloads and those containers, the entire VM See portfolio, they can be delivered for a customer to give them agility across any cloud provider and we can provide the workload security within the hypervisor. So agility is realized securely across any cloud provider. The policy follows the workload, which follows the cloud provider. And our partners can participate in this entire portfolio and broaden their reach inside and depth inside of a customer account. So I think it's really important as you go to market to think how you go to market with a specific company, as opposed to doing it in silos, you can do it a platform across the customer base and get wider and deeper in your customer. I spoke earlier about the executive order, what it means for VMware in carbon black, there are many areas that we address in the executive order, I'm only going to focus on endpoint detection response. However, our tool sets also obviously cover things like secure acts service, secure access services, edge, cover things like Zero Trust to cover things like incident reporting, cover things like infrastructure, we partnered to deliver MFA, multifunctional authentication and single sign on. So we address multiple areas of the executive order and partnering with us to deliver these capabilities for our customers in a quick manner, because speed to value is going to be critical here is important. And we urge you to think about where you are positioned in your customer reach out to us and partner with us specifically, endpoint detection response, and we believe the government will evaluate us and others based on market viability, which of course accreditations what impact levels we have that are suitable for their workloads, our market penetration, our technical viability or ability to scale, the analyst perspective on carbon black, our deployment options, again, our time to value, our ease of contract, and the operational and sustainment cost long term for our capability. And I'm pleased to say, we shine in all of these areas. The one area where we have a slight disadvantage is in FedRAMP. But I'm pleased to say we're about to deliver our FedRAMP package to the FedRAMP PMO. And we anticipate getting approved and FedRAMP, authorized FedRAMP high in very short order. So I urge you to think about this executive order in your partner in your government customer counts and think about how VMware in carbon black can help you in this area. If you think about the different deployment options we have, we have a full cloud Endpoint Protection platform portfolio delivered from the cloud single agent, single console, single data set multiple services that can be offered agentless and vSphere agentless in horizon and built in unified in a single agent with workspace one, delivering both VDI delivering vulnerability patch management and all the different services to include mobile device management that come along with workspace one. And our portfolio. And again, we're in a position as a company to offer our capabilities both cloud software as a service, subscription based and on prem, subscription based, and our competitors can't say the same thing. And when you think about the different types of OS environments that our customers must field and support, we cover majority if not all of the operating system environments they need to support. These are some of the drivers that our customers obviously use to evaluate our capabilities in cloud and on prem. But we can be used directly as a way to address the cybersecurity imperative and the executive order that just came out as a replacement to McAfee and Symantec who's going through their own transformation. And as a way to address Zero Trust combined with workspace one, and again, speed to value agentless in the vSphere and unified in workspace one. And we can provide security in any multi cloud environment, because we're a critical control point inside the hypervisor. And we provide this entire portfolio agentless within vSphere all good advantages for you to position and qualify carbon black as part of your sales motion. Also, we have another portfolio that I mentioned that I think I've talked about in the past, but I'll reiterate here is application control. This is an approved product on the DHS CDM approved products list. This is a solution that's used for multiple use cases, is used for software asset inventory, and software asset management. And it's used to only allow known good software as it is an application control product to run operationally in an environment. It is the strongest form of security that can be deployed operationally in an environment and it means control points around the to 853 801 71, which is a key driver for funding and execution within the government and adoption of the government. We have a lot of reference use case here, we invented application control. And we were the leader and application controller. In terms of endpoint detection and response EDR. Carbon, black actually created the very first patent and created the market for endpoint detection response. There are others out there clearly. But we were born out of the government, we were funded by the government initially, and our capabilities have been validated by the government. And we are a US supply chain organization. Again, this can directly support the executive order on EDR, and helps our customers build on their threat hunting programs, most of them are building those out now in face of this most recent attack. So they'll look for tool sets that are both cloud and on prem. And we are uniquely positioned to deliver both. And in certain environments that are air gapped that will not go into the cloud, we are uniquely positioned. The only other competitor that's really out there is endgame, who can say they can deliver both a cloud and an on-premise. Use Case deployment option. So lots of customers in this area, I won't go through all of them, you saw a sample list. But we have lots of past references, or existing references, excuse me, and past performance in this area. And again, we were the early inventor of EDR. And our future, I think is very bright. As you look at our portfolio across VMware. Not only do we have a very strong portfolio, but we have a portfolio that shares this telemetry across all of our different solution sets within VMware vSphere, cloud Foundation, Tanzu, workspace one and NSX to provide any detection and response xDr which can clearly be used in case of government today. And I believe this is the direction the government will go in and we have a platform to address that with our partners. And it is in alignment directly with our vision as VMware, any device, any application, any cloud. VMware is the platform to help deliver on that vision. And we are the security tool embedded in that platform, helping our government build new defensive cyber operations that are next gen.
Speaker 1: Thanks for listening. If you'd like more information on how Carahsoft or VMware can assist your organization, please visit www.carahsoft.com or email us at vmware@carahsoft.com. Thanks again for listening and have a great day.