VMware's security boss suddenly bails

Tom Corn heads to Open Systems as Virtzilla hints its SmartNIC push has borne fruit


Video VMware's security products boss has bailed.

Tom Corn, until last week the company's Senior Vice President of Security Products, tweeted the news on Thursday.

VMware stumbled into the security business when users found the most immediately valuable feature of its NSX network virtualization suite was micro-segmentation – the ability to create virtual networks for specific purposes, often using policies specific to the needs of particular applications or infrastructure. The company then added "App Defence" – a product that promised to observe workloads and, if they diverged from policy, use compute and network virtualization to isolate the suspect workload before it could do any damage.

The Register understands that App Defence proved frustratingly susceptible to false positives, which was one reason VMware acquired Carbon Black – a fellow traveller in terms of believing in policy-driven security. The company has since moved to meld the best of NSX and Carbon Black, and believes its approach of ensuring known good configurations are in place, rather than detecting attacks, gives it the chance to distinguish itself in a very crowded market. Other security offerings target Kubernetes and the emerging Secure Access Service Edge (SASE) market.

The company constantly talks up the opportunities on offer in security, but seldom mentions financial performance or adoption rates. Indeed, in its last quarterly results call, the company hedged: "We continue to focus on integrating Carbon Black and Tanzu into our product development and go-to-market selling motions."

Corn's as-yet-unnamed successor gets to sort that out.

They'll do it without the assistance of COO Sanjey Poonen, who also recently left the company. Poonen's departure was announced alongside the appointment of Rangarajan Raghuram as VMware CEO.

Raghuram has so far kept his cards close to his chest, but The Register understands he has a creed of "customer in and customer first" that sees VMware strive to get face-to-face with customers as a means of discussing its broad portfolio. Virtzilla has long acknowledged that its customers tend to be content with its core products and tend not to explore the vast buffet of its offerings. The "customer first" part of the motto refers to solving customer problems.

What will VMware try to solve next? The content catalogue for its annual VMworld gabfest, published last week, offers a few small hints.

Several sessions on the agenda suggest that Project Monterey – the plan to run VMware's hypervisor on SmartNICs – has been used by actual customers and is substantially closer to becoming a product. It may even be taking on new form as one session hints at collaboration with Intel around its Infrastructure Processing Units.

VMware recently teased its own use of virtual spaces in its Workspace ONE end-user compute suite. A session titled "Upskill Your Workforce with Augmented and Virtual Reality and VMware" promises tips on how you can do likewise. Other sessions suggest significant enhancements for Workspace ONE.

VMware knows that its VXrail hyperconverged infrastructure product needs to make a play for all the edge infrastructure that 5G will require, and while that work has begun, some sessions hint at further work on a cloud-to-edge stack for platform providers.

Corn's old security portfolio also looks to have some updates coming, around SASE and further integrations.

More prosaic news will include further SaaS-ificiation of VMware's core products, but there's nothing to suggest a major update of the flagship vSphere compute virtualization product is in the offing – nor that ESXI-on-Arm is closer to becoming official.

While you wait for that news, enjoy Corn and Poonen letting their hair down as musicians, with a tune Poonen used as his sign-off from VMware. ®

Similar topics


Other stories you might like

  • SpaceX Starlink sat streaks now present in nearly fifth of all astronomical images snapped by Caltech telescope

    Annoying, maybe – but totally ruining science, no

    SpaceX’s Starlink satellites appear in about a fifth of all images snapped by the Zwicky Transient Facility (ZTF), a camera attached to the Samuel Oschin Telescope in California, which is used by astronomers to study supernovae, gamma ray bursts, asteroids, and suchlike.

    A study led by Przemek Mróz, a former postdoctoral scholar at the California Institute of Technology (Caltech) and now a researcher at the University of Warsaw in Poland, analysed the current and future effects of Starlink satellites on the ZTF. The telescope and camera are housed at the Palomar Observatory, which is operated by Caltech.

    The team of astronomers found 5,301 streaks leftover from the moving satellites in images taken by the instrument between November 2019 and September 2021, according to their paper on the subject, published in the Astrophysical Journal Letters this week.

    Continue reading
  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading

Biting the hand that feeds IT © 1998–2022