Splunk is well known for analyzing data in large volumes either within a local Splunk installation or within the Splunk Storm their cloud service. However, there has been a general lack of security related capability within both these tools. Yes they can correlate some security data, but requires a bit of hands on work to make happen. This has changed with the introduction of Splunk App for Enterprise Security v2.4. They now have some very powerful out of the box analysis for enterprise security and one that could solve a growing issue outlined within the latest Verizon Breach Report: the time it takes to determine a breach actually happened. Continue reading News: Splunk App for Enterprise Security Updated
There was recently a rather heated twitter discussion between @Guisebule, @VirtualTal, and @Texiwill (myself) about using virtual desktops as a part of cyber defense. While this could be true, there is a need to ensure you know where your virtual desktop(s) start and end, not only within the network, but your applications in use. In addition, it is very important to fully understand the scope of a virtual desktop architecture as well as use. There are some use cases that work very well for use of virtual desktops as a part of cyber defense or for that matter just make sense for virtual desktops. There two ways to make virtual desktops part of your cyber defense but they both require more than network security.
While VMware is still the undisputed leader in enterprise data center virtualization, it is also very obvious that Microsoft has made (and continues to make) significant inroads into both the broader data center virtualization market and into VMware’s own enterprise customer base. The general perception is that Microsoft Hyper-V is now “good enough” to run most production workloads, that it is close enough (or at parity) in functionality and performance to vSphere for customers to be able to move workloads from vSphere to Hyper-V, and that vSphere is “expensive” and Hyper-V is “free”. So how will VMware win against Microsoft? Continue reading How Will VMware Win Against Microsoft?
Data Protection and patch management of virtual desktops, while not a sexy topic, is one that should happen on a regular basis within any organization implementing or working to implement virtual desktops. Recently, we have been testing virtual desktop software and there is a huge difference between patching and protecting data in a small number of instances and 1000s of instances. There are scale considerations as well as ease of use for file level and system recovery as well as issues with patching virtual desktops (not to mention other security issues). Continue reading Virtual Desktop Patching and Data Protection
There is a dilemma for all tenants of a public or private cloud: Scope. Tenants want everything to be in scope. Cloud Service Providers (CSP) want to limit scope to the bare minimum. What does it mean for a Cloud to be ‘PCI Compliant’, and why is this a requirement for some tenants? The real issue is, what is in scope for PCI-DSS while your data is in the cloud, and how can you as the tenant meet those requirements? Remember, in the cloud, scope becomes a huge issue and a dilemma for the tenant, mainly because they may not know the scope of the cloud provider’s audit and may never find it out. So what is this scope issue and can it be fixed?
Continue reading Cloud Tenant PCI-DSS Dilemma
On the 4/4 Virtualization Security Podcast, Pete Nicoletti, the chief information security officer for Virtustream, joined us to discuss how VirtuStream does cloud security. VirtuStream runs some of, if not the largest SAP installations in the cloud for very large enterprises around the world. The key to VirtuStream is that they are an Enterprise Cloud that looks at everything from the Enterprise perspective, whether that is billing or security. For security, they have implemented many changes required by their customers and allowed the end-enterprise to dial that security to 11 if necessary. But what does VirtuStream do that is different from all others?