Articles Tagged with Virtualization Security Podcast

Automating Cloud Security

On 9/8 was held the Virtualization Security Podcast featuring Phil Cox, Director of Security and Compliance at RightScale, to discuss the impact of and need for automation of cloud security. Given that we create clouds by automating deployment of workloads we also need to automate the security of those workloads during the same deployment. This podcast delves into that need, and touches on where over automation is also a problem.

Read More

Mitre – Two New Tools to Help with PaaS and Risk Assessment

On the 7/28 Virtualization Security Podcast, we were joined by Robert Martin of Mitre to discuss Mitre’s new CWE, CWSS, and CWRAF tools to aid in software and system security evaluation.  We put a decidedly cloud based discussion around these tools to determine how they would be used by those that program within a PaaS environment, make use of SaaS, or other cloud services.

Read More

Start with SaaS Security: End with Data Security

The 6/30 Virtualization Security Podcast with Simon Crosby Founder and CEO of Bromium started with a discussion of SaaS security but soon went to a discussion of Data Security. Simon left Citrix not to long ago to form a new company, Bromium, to seriously look into how the hypervisor itself can provide better security for data manipulations than it does today. But first we started off with SaaS and how you can Identify the user within a cloud.

Read More

Improving PaaS Security: Get your Developers Involved

The 6/16 Virtualization Security Podcast started as a twitter conversation with a comment about PaaS Security where James Urquhart, Krishnan Subramanian, Rich Miller, and myself went back and forth about PaaS security and the role of the developer. It was not quite a DevOps conversation but pretty close. Rich could not join us on this Podcast but hopefully will make a future one. PaaS security appears to be dependent on two things, the provider’s security, and how it is used.

Read More

Cloud Security Alliance launches Training

On the 6/2 Virtualization Security Podcast, Rich Mogull, an analyst for Securosis, joined us to discuss his work with the Cloud Security Alliance (CSA) to develop the two day course called the Certificate of Cloud Security Knowledge (CCSK). While this course is not about learning all the intricacies of cloud security it is about providing a level set of knowledge required to even begin to talk about cloud security.

Read More