Modern applications are increasingly under attack. Traditional, perimeter-based solutions alone are not sufficient to protect against these subtle threats that leverage the complexity of distributed systems, such as microservices architectures. For example, the Heartbleed vulnerability yielded network traffic that looked normal to the human eye while exploited. Threats like this necessitate a set of tools to properly secure this attack surface.
Earlier this morning at VMware Explore, we announced a new solution — Project Trinidad, an API Security and Analytics Platform. Project Trinidad leverages machine learning models to learn normal East-West API traffic patterns between microservices in modern applications, which enables rapid detection and quarantining of anomalous activity.
Some highlights of Project Trinidad:
- Take immediate action on anomalies and Zero-day Attacks in modern applications
- Model normal application behavior, and detect and predict anomalous behavior
- Zero instrumentation required for deployment
Companies today are in a period of digital transformation. As they embrace application modernization as critical to business success, it’s clear that APIs are at the center of this evolution. Not only are they building new applications with modern, cloud-native architecture patterns, but they are also using these patterns to open parts of their legacy applications. APIs are used to expose data and create interaction surfaces never before available. Thus, attacks that target the increased complexity introduced with more loosely coupled, API-driven architectures affect more than just cloud-native applications. Likewise, attacks happening anywhere in the stack are sometimes undetectable by perimeter-based solutions (e.g., Log4j).
Project Trinidad is unique in its ability to merge security and observability. By creating a tool that makes modern applications observable beyond the human eye, we enable corrective action in the event of a subtle attack where network traffic might otherwise look normal. Likewise, Project Trinidad’s ease of onboarding means customers can start using those insights quickly. With today’s ever-increasing data breaches, this level of observability and agility is vital.
In addition to Project Trinidad’s efficacy as a security tool, VMware is creating options for how its customers choose to deploy the solution. As a SaaS product, customers won’t have to worry about managing this service. Alternately, our self-hosted option will allow customers to deploy Project Trinidad on their own infrastructure. With five percent or less overhead, local deployment will allow customers with regulatory constraints to take advantage of the insights gathered in our models. Our self-hosted option will also leverage federated machine learning technology (FML). Not only does this approach avoid creating an attack surface and incurring costs from moving data, but it also means Project Trinidad models have more material to train on, continuously improving the accuracy and precision in its ability to detect anomalous behavior. If you would like to learn more about how we are using Machine Learning in our solution, check out Yujing Chen’s recent blog.
We invite you to learn more about what a modern, proactive approach to application security looks like. The Project Trinidad development team is actively seeking design partners and would welcome the opportunity to start a conversation by walking you through the solution in more depth. If you are interested in collaborating, please reach out to firstname.lastname@example.org.