Author: Marc Woolward

Marc has over 30 years of experience in mission critical infrastructure and software-defined networks. Marc joined vArmour as CTO in February, 2015. Prior to this role he was a Technology Fellow and the CTO for Networking and Telecommunications at Goldman Sachs. He served as a member of the Technical Advisory Group and as the founder and leader of the Security Working Group within the Open Networking Foundation (ONF). Earlier in his career he managed infrastructure at Cantor Fitzgerald and Coutts & Co. Marc has a decade’s worth of experience architecting and implementing datacenter software automation, and private cloud architectures. Marc is currently British and Worldcup Masters Surfkayak Champion and has represented England at the international level for several years.

Container Security - Not Just About the Image

Container Security - Not Just About the Image

A slightly modified version of this article was published as a byline by EnterpriseTech on 29th November 2016.  A cynic might conclude that “image” has more than a little to do with the phenomenal interest in containers and m...
Read More
The Problem with Agents - as a Primary Means of Security Policy Enforcement

The Problem with Agents - as a Primary Means of Security Policy Enforcement

In earlier blogs, I talked about the differences between micro-segmentation approaches, and the fundamental differences to look out for. One of the differences I mentioned is whether: 1) Controls are independent of the workload o...
Read More
The Genesis of Project Ice Cream to Deliver Cloud-Scale Security

The Genesis of Project Ice Cream to Deliver Cloud-Scale Security

Clouds are based on speed, scale and economics, which are the antithesis of legacy security systems. In fact, these factors can be challenging to any true security functions, which need to maintain state, process content deeply, a...
Read More
Containers and Microservice Security: Are You Ready to Expose Your Application Internals to the Outside World?

Containers and Microservice Security: Are You Ready to Expose Your Application Internals to the Outside World?

I am often asked how the emergence of Containers and Microservices changes the game so far as multi-cloud security is concerned. In some ways, Containers mean MORE of the same - more speed, more scale, more automation, more contro...
Read More
Prediction: Part 5 of Multi-Cloud Security Architecture CTO Deep Dive

Prediction: Part 5 of Multi-Cloud Security Architecture CTO Deep Dive

In part four of my blog series on the Multi-Cloud Security Architecture, we explored the range of response options available for multi-clouds, covering both automated and manual tactics. With the inputs of data gathered throughout...
Read More
Response: Part 4 of Multi-Cloud Security Architecture CTO Deep Dive

Response: Part 4 of Multi-Cloud Security Architecture CTO Deep Dive

In part three of my blog series on the Multi-Cloud Security Architecture, we looked at the various methodologies for detection in multi-clouds - from human investigation to machine-learning technologies. Once an attack is detected...
Read More
Detection: Part 3 of Multi-Cloud Security Architecture CTO Deep Dive

Detection: Part 3 of Multi-Cloud Security Architecture CTO Deep Dive

In part two of my blog series on the Multi-Cloud Security Architecture, we covered the key elements needed to prevent security incidents in multi-cloud environments. Unfortunately, it is nearly inevitable in any organization that ...
Read More
Prevention: Part 2 of Multi-Cloud Security Architecture CTO Deep Dive

Prevention: Part 2 of Multi-Cloud Security Architecture CTO Deep Dive

In part one of my deep dive blog series on the Multi-Cloud Security Architecture, we addressed the foundational elements of the MCSA. This primarily focused on the architecture as being API-driven, distributed and independent from...
Read More
Introducing the Multi-Cloud Security Architecture

Introducing the Multi-Cloud Security Architecture

Today we launch the Multi-Cloud Security Architecture - and the pathway to get there. This is an industry-wide vision for multi-cloud security which will both address the security challenges emerging in a world of ‘constant breach...
Read More
Why Multi-Clouds Demand a New Approach to Security

Why Multi-Clouds Demand a New Approach to Security

The changes in IT over the past decade, driven by cloud and distributed systems, have exploded the data center perimeter security model. One result of this trend is the move to use micro-segmentation technologies to shift the trus...
Read More
Security Architectures for Cloud Data Centers

Security Architectures for Cloud Data Centers

Organizations are entering the first phase of micro-segmentation architectures: the act of deploying security policies across scale-out data center networks in order to separate diverse workloads, collapse legacy physical zones, a...
Read More
Applying Distributed Systems Principles to the Data Center Security Challenge

Applying Distributed Systems Principles to the Data Center Security Challenge

In my previous post I explored many of the challenges we are struggling to address with existing security models and products. Today I want to spend a while discussing the reasons why a distributed systems architecture is necessar...
Read More
From a Security Perspective, the Datacenter is Broken

From a Security Perspective, the Datacenter is Broken

Having spent the best part of 3 decades architecting and operating Enterprise infrastructure, including 16 years at Goldman Sachs, it became clear to me that the security model within the Datacenter represents the last major barri...
Read More