On 10/6 was held the Virtualization Security Podcast featuring Davi Ottenheimer in his role as a QSA. Davi holds down many roles working with companies such as VMware, yet he maintains his QSA credentials and applies his knowledge of PCI Compliance. In this podcast we ask the question, is a virtual environment always mixed-mode and what to do if your QSA does not have the knowledge required to do the job?
Articles Tagged with Virtualization Security Podcast
On 9/22 was held the Virtualization Security Podcast featuring Anil Karmel, Solutions Architect at Los Alamos National Library (LANL), to discuss their implementation of secure multi-tenant Cloud. LANL makes extensive use of the entire VMware product suite from vCloud Director down to the vShield components to implement their SMT cloud. They have also added into their cloud their own intellectual property to improve overall cloud security. It was a very interesting conversation about the state of SMT today.
On 9/8 was held the Virtualization Security Podcast featuring Phil Cox, Director of Security and Compliance at RightScale, to discuss the impact of and need for automation of cloud security. Given that we create clouds by automating deployment of workloads we also need to automate the security of those workloads during the same deployment. This podcast delves into that need, and touches on where over automation is also a problem.
The week before VMworld on 8/25 was the Virtualization Security Podcast featuring Greg Ferro (@etherealmind), CCIE to discuss Cisco VM-FEX and its impact on virtualization and cloud security. VM-FEX is a method by which the fabric of a UCS top of rack switch is extended to the VM, but only if the VM is using VMDirectPath. So does this impact Virtualization and Cloud Security in any way?
On the 7/28 Virtualization Security Podcast, we were joined by Robert Martin of Mitre to discuss Mitre’s new CWE, CWSS, and CWRAF tools to aid in software and system security evaluation. We put a decidedly cloud based discussion around these tools to determine how they would be used by those that program within a PaaS environment, make use of SaaS, or other cloud services.
The 6/30 Virtualization Security Podcast with Simon Crosby Founder and CEO of Bromium started with a discussion of SaaS security but soon went to a discussion of Data Security. Simon left Citrix not to long ago to form a new company, Bromium, to seriously look into how the hypervisor itself can provide better security for data manipulations than it does today. But first we started off with SaaS and how you can Identify the user within a cloud.