On the 5/30 Virtualization Security Podcast, Shaun Donaldson, Director of Alliances at Bitdefender Enterprise, joined us to discuss end user computing (EUC) security and how their new Gravity Zone product ties their enterprise products together under one scalable management umbrella. This was a very interesting conversation on the subject of EUC security, Bring Your Own Device (BYOD) security, and the all aspects of the the EUC stack. There are quite a few moving pieces in the EUC stack that is greater than your mobile device and the system it is accessing. There is a complete networking and political stack between the two and perhaps many systems you have to jump through to access your data.
On the 4/4 Virtualization Security Podcast, Pete Nicoletti, the chief information security officer for Virtustream, joined us to discuss how VirtuStream does cloud security. VirtuStream runs some of, if not the largest SAP installations in the cloud for very large enterprises around the world. The key to VirtuStream is that they are an Enterprise Cloud that looks at everything from the Enterprise perspective, whether that is billing or security. For security, they have implemented many changes required by their customers and allowed the end-enterprise to dial that security to 11 if necessary. But what does VirtuStream do that is different from all others?
Just entered my mailbox, there is a new rev of the vSphere 5.1 hardening guide which was spoken about on the last Virtualization Security Podcast. This version of the hardening guide creates a much needed new feature: Profiles.
Rightscale has been running into a problem with the simplest of auditing requirements: how to know when someone has logged in. This problem spans nearly all their 100s of SaaS providers used to run their business. Where is the ability to do SaaS Auditing?
Virtualizing Business Critical Applications is often stopped either by the sudden involvement of security and compliance, a need to better understand, or a need to gain visibility into the underlying security of the virtual environment in order to build new security and compliance models.
The 12/13 Virtualization Security Podcast featured George Reese CTO on enStratus as our guest panelist. We discussed Cloud API security or more to the point the lack of real cloud API security. To paraphrase George: Some got it, others do not. So what makes up a good cloud API? how can we fix broken cloud APIs?