VMware vDefend for VCF 9.1: Zero Trust Lateral Security for the AI Era
Prashant Gandhi · 2026-05-05 · via VMware Security Blog

New enhancements include Self-Service Lateral Security with VCF Automation, Unified Lateral Threat Prevention for VMs and VKS Workloads, High-Performance Threat Prevention with IDPS Turbo Mode, and Enhanced Distributed Firewall capabilities.

The rapid adoption of production AI workloads is reshaping the enterprise technology landscape, driving the growth of Kubernetes environments alongside existing VM-based infrastructure. As organizations deploy AI agents and AI workloads across private cloud environments spanning VMs and Kubernetes, the attack surface becomes larger and more dynamic. The result is a rapidly evolving threat landscape, driving the need to secure both VM- and Kubernetes-based environments efficiently and consistently.

Recent incidents, including the CISA-reported BRICKSTORM malware activity and the rise of AI-assisted semi-autonomous cyberattacks, underscore that adversaries are now operating at machine speed. At the same time, enterprises face several practical challenges: reducing the attack surface to prevent lateral propagation of threats, securing workloads at the speed of application deployments, enforcing consistent security across VMs and Kubernetes environments, delivering the performance required for AI and high-capacity workloads, and consolidating security within the core platform rather than relying on fragmented point solutions.

VMware vDefend is integrated with the VMware Cloud Foundation (VCF) platform, providing plug-and-play zero-trust lateral security that protects modern distributed workloads, including AI and high-performance computing, without compromising the performance and agility they demand.

vDefend’s hypervisor-native, distributed, software-defined model provides a closed-loop security architecture that uniquely enables visibility, prevention, detection, and mitigation for comprehensive multi-layer defense. Additionally, vDefend’s distributed policy orchestration allows policies to be created once and automatically enforced as workloads are created or moved.

New vDefend innovations for VCF 9.1

  • Self-Service Lateral Security with VCF Automation: VCF Automation’s Self-Service Lateral Security enables infrastructure and security teams to establish guardrails, such as predefined VPC security profiles and delegated distributed firewall (DFW) settings, allowing tenant admins to access security features on demand. This facilitates quicker application onboarding and ensures a uniform security baseline across all tenants.
  • Unified Lateral Threat Prevention for VMs and VKS Workloads: As agentic AI and cloud-native applications drive Kubernetes adoption, VMware vSphere Kubernetes Service (VKS) clusters can now be inspected and protected by the same high-performance distributed IDS/IPS that currently secures VMs. Security teams get one console, one policy model, and consistent lateral threat prevention across VMs, containers, and bare-metal workloads, eliminating the blind spots attackers exploit. Customers deploy IDS/IPS (1) to meet compliance requirements (PCI-DSS and HIPAA) and (2) to enable virtual patching that quickly protects against software vulnerabilities while patches are rolled out enterprise-wide.
  • High-Performance Lateral Threat Prevention: The new IDPS Turbo Mode delivers 3x throughput, increasing from 3 Gbps to 9 Gbps per host and up to 9 Tbps per VCF domain, enabling virtual patching against software vulnerabilities and behavioral threat detection for modern AI and high-capacity workloads.
  • Enhanced Distributed Firewall Capabilities: A 5x increase in Application Identification support for greater L7 visibility and simpler, granular security enforcement. Additionally, identity-based firewalling now supports a federated (multi-site) environment for consistent, simplified policy enforcement.

Built upon these key capabilities, vDefend serves as the comprehensive lateral security foundation for VCF, protecting VMs, containers, and AI workloads. The following sections will detail each of these key features.

Self-Service Lateral Security with VCF Automation

vDefend 9.1 introduces a comprehensive self-service security model that empowers Tenant Admins to manage network security directly within VCF Automation through five system-defined Security Profiles. The VPC Simplified Security feature provides one-click security for Virtual Private Clouds (VPCs) using consistent, repeatable security profiles. Tenant Admins can select a security profile for new and existing VPCs, automatically setting the default security posture and eliminating the need to manually create foundational Distributed Firewall (DFW) rules. The system-defined per-VPC DFW rules cannot be modified manually. Security policies follow a precedence order, with user-defined policies enforced before system-defined VPC security policies. This structure supports a self-service security model with automated DFW policies. In addition, this new release provides granular firewall control for both Distributed and Gateway Firewalls while enabling automated orchestration using Privileged Labels.

Unified Lateral Threat Prevention for VMs and VKS Workloads

vDefend delivers unified lateral threat prevention by extending its hypervisor-native IDS/IPS capabilities from VMs to vSphere Kubernetes Service (VKS) workloads via CNI integration. This architecture allows security teams to enable IDS/IPS at the pod level, so that vDefend IDS/IPS can continuously inspect traffic and detect and prevent threats on mixed-mode hosts (VMs and Kubernetes).

High-Performance Lateral Threat Prevention

VMware vDefend 9.1 delivers a major performance boost with the introduction of “Turbo Mode” for Distributed IDS/IPS, which triples threat-prevention throughput from 3 Gbps to 9 Gbps per host and up to 9 Tbps within a single VCF instance. In addition, this release provides granular control over inspected traffic with exempt actions. The new exempt actions allow security admins to select which traffic to inspect and to exclude trusted traffic, such as nightly backup traffic, which also improves efficiency.

Enhanced Distributed Firewall Capabilities

The Distributed Firewall enhancements include Layer 7 (L7) visibility and simplified policy management based on Application identification. A 5x increase in Application identification, adding ~4,000 new Application IDs, provides enhanced application visibility and enables security teams to create granular firewall rules based on the application itself rather than relying solely on ports and protocols, making security enforcement simpler and more effective. Additionally, federated identity-based firewalling has been introduced to enable uniform policy enforcement across large (multi-site) deployments. 

Conclusion

The rapid growth of AI workloads and distributed infrastructure has made traditional perimeter-based security measures insufficient. This evolving threat landscape is further complicated by AI-assisted, semi-autonomous attacks and the emergence of software vulnerabilities identified by AI models, which greatly widen the attack surface. As a result, lateral security is now an essential part of a comprehensive security strategy, not just an optional addition to perimeter defenses. Security teams need controls that match the agility of their workloads, enforce policies uniformly across containers and VMs, and prevent the lateral movement of threats. VMware vDefend, along with its new capabilities, enables infrastructure and security teams to implement Zero Trust lateral security to protect VCF workloads at the speed and scale the AI era demands.
