Insights / Blog / Carbon Black and VMware: What’s in it for both and for you!
August 23, 2019

Carbon Black and VMware: What’s in it for both and for you!

Dave Gruber
Principal Analyst, Ransomware, SecOps & Services

Market Topics


endpoint-securityWith the recent announcement by VMware that it will be acquiring Carbon Black, VMware will be adding much needed security expertise and technology to its already strong portfolio.

The VMware security business unit expands its current NSX (software-defined networking and micro-segmentation), AppDefense (securing data center virtualized applications), and Workspace One (virtualized desktop platform and management) offering to include Carbon Black’s Predictive Security Cloud platform and associated applications, including CB Defense (next-gen antivirus and endpoint detection and response), CB Threat Hunter (threat hunting and IR), CB LiveOps (IT hygiene), CB Threat Sight (managed detection and response), and CB Defense for VMware (securing virtualized applications). Carbon Black also brings its long-standing, market-leading CB Protection product (application control, previously known as Bit9) and on-premises CB Response EDR solutions.  

Carbon Black began working together with VMware in 2017, as VMware began focusing on securing virtualized applications running in the data center. In support of this initiative, VMware AppDefense was announced at VMworld 2017 and began shipping in early 2018. With its initial introduction, AppDefense leveraged Carbon Black’s reputation services. Throughout 2017, the Carbon Black CB Defense engineering team worked closely with the VMware AppDefense team to construct a tightly integrated solution, combining AppDefense with CB Defense, providing a comprehensive virtualized application security solution that leverages the hypervisor.

When launched in early 2018, both VMware and Carbon Black’s go-to-market (GTM) teams marketed and sold the joint solution. This initiative set the stage for the recent acquisition announcement, bringing not only technology and security expertise, but also a well-oiled Carbon Black sales channel to VMware as they strive to establish a deeper relationship with the security buyer. VMware’s GTM team has traditionally sold to the network and operations buyer, where the Carbon Black GTM team has deep knowledge and relationships with the security buyer. Adding Carbon Black will provide the connection VMware needs to up its game with the security crowd.

For Carbon Black, this acquisition opens the door to a wealth of new opportunities in securing cloud and virtualized workloads, leveraging the intelligence and analytics engine available in its cloud-delivered Predictive Security Cloud platform. It also opens the door to VMware’s massive sales channel and potentially access to bigger budgets typically allocated to the purchase of VMware operational infrastructure. This will give Carbon Black a much-needed boost in its ability to enter adjacent markets with more vigor.

But as always, proof will be in the execution of this high-potential marriage. Carbon Black needs to stay focused and not lose any momentum in the next 18 months. VMware has a respectable acquisition history, so I would expect this to play out well for both teams. But for now, one more high-profile endpoint security vendor has been absorbed and others will quickly be maneuvering to grab market share. There is no shortage of players in endpoint security, and buyers continue to be hungry for the next innovation that will protect their growing attack surface.

Unparalleled insights from analysts with an "insider" perspective

From strategy and product development to competitive insights and content creation, we deliver high-quality, actionable support services.