SOC, Content, Endpoint/Device Security, Security Operations

VMware Launches SOC Alliance With SIEM, SOAR Software Partners

Credit: WMware

Carbon Black parent VMware has launched a Next-Gen SOC Alliance with multiple SIEM (security information and event management) and SOAR (security orchestration, automation and response) software providers.

Tom Barsi, VP of alliance, VMware Carbon Black
Tom Barsi, VP of alliances, VMware Carbon Black

The alliance strives to help customers build modern SOCs (security operations centers) that deliver "unprecedented visibility and remediation capabilities across endpoints, networks, workloads, and containers," according to Tom Barsi, VP of alliances for VMware Carbon Black.

How will the SOC alliance potentially benefit MSPs and MSSPs? In response to that inquiry from MSSP Alert, Barsi said:

"We expect the Next-Gen SOC Alliance to be well received by our MSSP and MSP partners. Most of these service provider partners leverage these same SIEM/SOAR platforms in their managed SOC. With this announcement, our service provider partners will be able to fully leverage our XDR data within their SOC to respond to threats more quickly and make their resource constrained SOC analysts more efficient."

Carbon Black has a long history of working with both MSPs and MSSPs. The evidence:

Still, VMware Carbon Black faces intense competition from MSP- and MSSP-friendly endpoint protection software providers. Key rivals include BlackBerry Cylance, CrowdStrike, Cybereason, OpenText Webroot, SentinelOne and VIPRE, among others.

SOC Alliance Members

Key VMware Next-Gen SOC Alliance participants include:

Haiyan Song

Those systems integrate with VMware Carbon Black Cloud to deliver key "XDR capabilities and context into SIEM technologies that power the modern-day SOC," the companies say.

In a prepared statement about the alliance, Splunk Senior VP and GM Haiyan Song said:

“Splunk’s Security Operations Suite acts as the backbone for some of the most advanced SOC’s in the world. As the security industry continues to embrace data at the center of their security strategy, it’s more important than ever to combine the power of Splunk’s industry-leading SIEM and SOAR solutions with XDR to fight back against increasingly sophisticated cyber actors. We are pleased to bring Splunk Enterprise Security and Splunk Phantom to this alliance with VMware Carbon Black and look forward to helping our mutual customers around the world solve their toughest security challenges with data.”

Companies that would like to potentially join the SOC alliance can email [email protected].

SOC Alliance: Who's Missing & Market Reality Check

The alliance sounds like it's off to a promising start. But several SIEM Gartner Magic Quadrant companies -- such as AT&T Cybersecurity, Fortinet, LogRhythm, McAfee, Netsurion Event Tracker, Rapid7 and Securonix -- are noticeably absent from the kick-off effort. Plus, fast-growing options like Microsoft Azure Sentinel and Arctic Wolf Networks weren't mentioned in the kick-off release.

Also of note: The announcement didn't mention VMware parent Dell Technologies, and sister business Secureworks -- which is a Top 200 MSSP that works closely with Carbon Black.

Still, more moves are coming. In a follow-up LinkedIn note from Barsi to MSSP Alert, he noted that VMware has existing relationships with AT&T Cybersecurity and LogRhythm, among others.

Meanwhile, the overall cybersecurity market remains healthy. But the industry has seen some targeted staff cuts and compensation cuts amid the coronavirus pandemic and associated economic fallout. For instance, VMware froze salaries and cut executive pay earlier this month.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.