Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device.|We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

Most Recently added Virtualization Security Resources: (See More...)

How Much Insight Are We Missing from Our Environments?

April 18, 2014
By
CloudComputing

How much insight are we missing from our environments? That is a question I find myself asking after being bitten by a new “bug” found in VMware vCloud Automation Center (vCAC). There seem to be many people like me who discovered their morning was wrecked when the vCloud Automation Center 6.0 tenants became inaccessible and…

Read more »

State of the Art: Virtual Desktop Security

April 11, 2014
By
VirtualizationSecurity

User experience drives virtual desktop deployments and can either make or break them. If the user experience is awful, users will find other, often less secure methods for doing their jobs. VDI sits at an interesting crossroads where storage, memory, networking, CPUs, and GPUs must be properly tuned. Any adverse impact from any one of…

Read more »

XPocalypse Now! Ten Tips for Surviving the End of (Support) Days

April 7, 2014
By
DesktopVirtualization

The much-heralded XPocalypse—the end of extended support for Windows XP—is practically upon us. After thirteen years of service—beyond Microsoft’s normal service window by a good three years—Windows XP patching will finally stop. How will this affect those of us whose virtualized desktop infrastructures may still be tied, for various reasons, to the old OS?

Read more »

Cloud Security Monitoring

March 25, 2014
By
Secure Hybrid Cloud

Have you ever wondered what was going on within a cloud regardless of type? SaaS? PaaS? IaaS? Do you need to audit these environments to ensure compliance with your security policy (not to mention the subset of your security policy that contains regulatory compliance)? To provide solutions for these issues, a number companies both new…

Read more »

RSA Conference Roundup

March 13, 2014
By
VirtualizationSecurity

It has now been a few weeks since RSA Conference 2014. A number of very disparate items to consider were announced at the conference. We covered some of them on the Virtualization Security Podcast held at the NSS Labs hospitality suite at the conference. Yet there is still more to consider. The impact of the…

Read more »

News: AFORE Adds SecureVM and SecureFile to Cloudlink

February 24, 2014
By
AFORE logo 120_36_

AFORE Solutions’ goal has been to provide not only data at rest encryption but also data in motion encryption at all levels of the cloud stack, such that not even the cloud providers can see or change your data. This level of confidentiality does not exist within existing public or private clouds without a little…

Read more »

Privileged Accounts within SDDC

February 14, 2014
By
Privileged Accounts within SDDC

As your software-defined data center (SDDC) grows, so does the quantity of privileged accounts. This was the discussion on the Virtualization Security Podcast of February 13, 2014, where we were joined by Thycotic Software. Privileged accounts are used by administrators and others to fix issues, set up new users, add new workloads, move workloads around…

Read more »

Application Security: What Is the First Step?

January 31, 2014
By
VirtualizationSecurity

What is the first step of application security? What is this step regardless of whether the process involved is DevOps or traditional silos? We have heard many answers before, such as architecture, code analysis, hardening, risk analysis, etc. But we have not really talked about the intersection of the user, application, data, and system. Perhaps…

Read more »

Are US Tech Companies Suffering a Slow and Agonizing Death?

January 30, 2014
By
VirtualizationSecurity

Are United States technology companies now suffering from a slow and antagonizing death from what is being called “The Snowden Effect”? The disclosures by the infamous or notorious former National Security Agency that gave a glimpse into the extent of the NSA worldwide spying effort that have prompted companies to avoid and or leave US…

Read more »

Featured Solutions