Carbon Black execs reveal post-acquisition plans


Adam Shepherd

29 Aug, 2019

Last week, VMware threw the tech industry a curveball when CEO Pat Gelsinger announced that not only would it be acquiring Pivotal, as had been announced the previous week, it was also snapping up security firm Carbon Black. While the deal isn’t expected to close until the end of January next year, the company has devoted a substantial chunk of this year’s VMworld conference to discussing the acquisition, and what it means for the future of both companies.

For Carbon Black CEO Patrick Morley, the acquisition presents a huge opportunity for the company to expand its capabilities, and he sees a number of areas where being part of VMware can help it protect its customers in new ways.

“Pending close, I think there’s a number of opportunities,” he tells Cloud Pro. “The biggest one’s end user computing. Management and security go hand in hand, so end user computing is a huge opportunity for us.”

A substantial part of this is integration with Workspace ONE, VMware’s desktop virtualisation product. It’s one of four key integrations with its existing portfolio that VMware has already identified as priorities once the deal goes through. Not only does it make sense from a customer use-case perspective, VMware COO Sanjay Poonen pointed out that many Workspace ONE customers are also Carbon Black customers, a fact which supposedly influenced the decision to acquire the company.

While both VMware and Carbon Black executives have indicated that the company intends to keep the Carbon Black brand alive once the deal closes, and there are no immediate plans to shutter any of its services, Gelsinger told Cloud Pro that the goal is eventually to weave Carbon Black’s technology into VMware’s platform rather than offering it via standalone applications.

“The plans are to bring these integrated solutions together,” he says. “You could imagine you’re going to buy your Workspace ONE with Carbon Black. And these just end up being features. The thing is, we don’t want customers to be ‘buying point products for point use cases’ – buy a platform that gives you lots of those benefits.”

“Customers today will have a Tanium agent, Right? And they’ll have a McAfee agent, and they’ll have a Qualys agent. They’ll also have a Workspace ONE agent for management. So I’ve got four agents on the client. I have customers literally, who have 17 agents on every PC. 17 agents. What are you talking about? One was our goal, as we collapse all of those use cases into one underlying agent.”

Don’t wait, integrate

Being owned by VMware will make Carbon Black a de facto part of the Dell Technologies family, which also opens up other avenues for expanding its endpoint protection.

“Obviously, the Dell family is another capability, because Dell increasingly is providing security to its customers, as part of the laptops and other hardware that they’re providing. And so if we can build security right into that, it’s hugely advantageous too,” Morley says. “You will certainly see us work with Dell – again, pending close – to actually give customers the option to be able to put security right onto the machine, if they so choose.”

If Dell’s business laptops come preloaded with a free subscription to Carbon Black’s endpoint detection and response (EDR) service, this could be hugely beneficial for organisations. The more exciting prospect, however, is the potential impact Carbon Black’s technology can have on application security for VMware customers.

“The second piece is the work that’s already been done around app defence, which is actually building security hooks right into vSphere,” Morley explains.

This integration would enable agentless protection of applications running in vSphere, improving both application performance and detection rates. This would be groundbreaking and, if successfully integrated, has the potential to radically improve the security of organisations running vSphere.

Elsewhere, VMware is planning to integrate Carbon Black’s technology into its NSX platform to provide more in-depth network security analytics, as well as partnering it with another recent acquisition – Secure State – to address security configuration challenges. However, while the acquisition will allow Carbon Black to expand into new kinds of protection, the company executives are also extremely excited about its potential to supercharge its existing services.

One of the linchpins of Carbon Black’s technology is the collection and analysis of security data from all of the endpoints that are running its agent. At the moment, that consists of 15 million endpoints, but if Carbon Black’s agent is incorporated into vSphere or Workspace ONE, that total significantly increases overnight.

Room for growth

“We’re super excited to be able to leverage the reach that Dell EMC and VMware bring to the equation here. I mean, there’s 70,000 partners that we’re going to be able to tap into,” says Carbon Black’s senior vice president of corporate and business development Tom Barsi. “That’s really where you’re talking about adding a zero to the number of customers we’re touching.”

In addition to improving its protection capabilities, this increase in footprint and telemetry will give more fuel than ever to Carbon Black’s Threat Analysis Unit (TAU), which conducts research into security trends as well as analysing new and emerging threat actors and attack methodologies. This research, Morley promises, will most certainly continue and will in fact likely expand once the company joins VMware.

Carbon Black’s executives seem to be exceedingly positive about the prospect of joining the VMware family, which should come as no surprise. Carbon Black has been a technically-focused company since its inception – Morley notes that the company was founded by a team of actual hackers – and this emphasis on technology and engineering is at the core of its new owner’s values.

“I’m really excited,” Carbon Black CTO Scott Lundgren told Cloud Pro. “As CTO, it’s pretty amazing to have an opportunity to work with a highly technical leadership team. It starts with Pat. As ex-CTO of Intel, he’s got a great reputation, and he deserves it. He’s fantastically technical, so he understands the problem. He knows what it takes to actually address it, he can act with confidence, because he knows what’s going on under the hood. But it isn’t just Pat, the whole team is deeply technical [and has] a lot of expertise in a wide variety of technical fields across the board. It’s really great to see.”

“We’re going to have some work to do, obviously, to scale up but it’s very tractable, as long as you’ve got the right mindset at the top – and Pat has that.”