With the number of mobile devices in use now surpassing that of desktops worldwide, the application virtualization requirements of business mobile users continues to grow exponentially. Whether these users access their business apps from a smartphone, tablet, or—the latest buzzword—“phablet,” their common denominator is their demand for more and better business applications on the go.
If you’ve ever engaged the services of a penetration testing company, you know they’re not cheap. In fact, it’s not unusual to feel you’ve been slapped, thrown in a bag, and hung up to dry. These types of costs can be absorbed by larger companies and enterprises, but not smaller ones, which lack the budgets to take that kind of hit.
On the June 24, 2014 Virtualization Security Podcast, we discussed SecDevOps with Andi Mann of CA Technologies. Andi pointed out fairly early that he does not like the term or the “DevOpsSec” term. Security needs to be considered at every step of the way, he stressed: neither before nor after Dev, but marching along with DevOps and Agile methodologies. As such, the question that comes to mind is how security can get involved with DevOps and Agile methodologies. So, we came up with some practical advice. Continue reading SecDevOps: What Security Can Do Today
On June 24, 2014, a former editor of a now-defunct British tabloid newspaper (some will disagree with the use of the prefix “news”) was found guilty of phone hacking. Phone hacking is the practice of intercepting and listening to a phone’s voicemail messages without the owner’s knowledge or permission.
While at VMworld 2013, I started to ask 5 security questions that have been bothering me for some time now. Some of these questions apparently have no answers currently and others only have operational answers, no technology. Security of a secure hybrid cloud is a mix of procedures, policies, operations, and technology. These questions are about various aspects of virtual and cloud environments that have been nagging at me for some time now as well as problems I have faced managing our own cloud instances. Perhaps you have questions you would like to add to the list, if so please share. Continue reading Security Questions from VMworld 2013
At VMworld 2013 and on the Virtualization Security Podcast there were many conversations about VMware NSX. These conversations ranged from how will we implement this new technology to security, scale, and other technical questions. In addition, NSX and what was needed to make it a reality may be the answer to a nagging security question. Brad Hedlund, from the VMware NSX team, joined the Virtualization Security Podcast to share with us some of the details around VMware NSX prior to the podcast. Continue reading VMware NSX Conversations