VMware buys Mesh7 in cloud security push

The move will better enable VMware to monitor cloud application traffic between virtual machines

VMware is expanding its security capabilities with the acquisition of cloud-native security company Mesh7.

The acquisition, the terms of which have not yet been disclosed, will better enable VMware to monitor cloud application traffic between virtual machines, the company said. 

Many products, such as intrusion prevention systems and firewalls, secure traffic travelling across a network, but increasingly, companies are using virtual machines or containers and sending requests between them using application programming interfaces (APIs).

Organisations need visibility into those APIs to see how the software that uses them is behaving. Mesh7 offers a product that monitors those APIs and calls, called the API Service Mesh, which includes functions including an API firewall and API gateway.

The API Service Mesh can tell when Kubernetes applications are being accessed externally and can monitor API security within applications that are distributed across lots of locations and machines. This makes it ideal for DevSecOps, which is a version of the cloud-focused DevOps development discipline that automates development and deployment. 

Related Resource

On-prem storage vs. public cloud storage

Economic advantages of on-premises object storage vs. public cloud for enterprise data storage

On-prem storage vs. public cloud storage - whitepaper from CloudianDownload now

VMware, with its heritage in virtual machines, was interested in Mesh7's cloud-native API monitoring capabilities. Another thing that made the company an attractive acquisition target was API Service Mesh's reliance on Envoy, which is an open source proxy system built for cloud-native applications originally created at ride-sharing company Lyft.

Envoy enables cloud-native application traffic to run over its communications bus, making it easier for DevOps pros to see what large distributed applications are doing and identify any performance issues or other operational problems. VMware uses Envoy in its own Tanzu Service Mesh that automates networking and security in distributed applications.

"VMware is seeing increased demand for a fully integrated API + service mesh product with Envoy as the foundation. The exact same Envoy architecture used in the initial service mesh use case can also control how one application can talk to another application via APIs," said Tom Gillis, SVP and GM of VMware's security business unit, in a blog post announcing the acquisition.

API security is becoming an increasing problem for developers and operations teams alike as companies move increasingly to API calls. Akamai has said that 83% of web traffic consists of API calls, and 40% of web applications' attack surface is API-based. Salt Security recently revealed that 90% of businesses experienced API security vulnerabilities in 2020.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Most CISOs worry cloud software flaws aren’t being caught
cloud security

Most CISOs worry cloud software flaws aren’t being caught

7 Jun 2021

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
IT Pro Panel: Why IT leaders need soft skills
professional development

IT Pro Panel: Why IT leaders need soft skills

26 Jul 2021