Virtualization Security

Virtualization Security focuses upon end-to-end security, integrity, auditability, and regulatory compliance for virtualization and clouds. Virtualization Security starts where the cloud and virtual environments begin: the end user computing device. (Read More)

We follow the user through the virtual and cloud stacks until they reach the application the user wishes to use to retrieve the data that is important to them. Virtualization and cloud security is implemented where there is an intersection between user, data, and application while maintain strict control of management interfaces. As such virtualization security looks into all aspects of security devices, tools, controls, and guides that impact or can be used to secure virtual and cloud environments.

News: $2,000 Network Penetration Test Changes the Cyber Security Industry

VirtualizationSecurityIf you’ve ever engaged the services of a penetration testing company, you know they’re not cheap. In fact, it’s not unusual to feel you’ve been slapped, thrown in a bag, and hung up to dry. These types of costs can be absorbed by larger companies and enterprises, but not smaller ones, which lack the budgets to take that kind of hit.

Continue reading News: $2,000 Network Penetration Test Changes the Cyber Security Industry

Back to Basics II: Secure Hybrid Cloud

VirtualizationSecurityI have written many times about hybrid cloud security, but there’s a fundamental security requirement that happens as you access the hybrid cloud. In our previous back to basics article we wrote about the need for situational awareness. We’re going to expand on that topic some more. The real success to hybrid cloud security is understanding how the users access the hybrid cloud: where they access it from, why they access it, and what is accessed or used. From a security standpoint, it starts with one organizational item: people.

Continue reading Back to Basics II: Secure Hybrid Cloud

vCloud Air Attack: Back to Basics

VirtualizationSecurityVMware recently announced an upgrade to vSphere, 5.5 Update 2d, that fixes an issue with transparent page sharing (TPS). This issue allowed an attacker to break encryption keys if VMs shared the same server even for a small amount of time. This is not a trivial problem, but it brings me to a simple point. We think encryption will solve everything related to security. But encryption is only a part of the solution, and not even the most important part. Nor the most powerful. Continue reading vCloud Air Attack: Back to Basics

Is the Cloud Just So Many Legos?

CloudComputingI was recently looking at LegoTM parts, and I started to consider the myriad of LegosTM and the broad categories they fit within. Then I had a thought. Is the cloud just so many LegosTM? SaaS, PaaS, IaaS, and DaaS are various categories of clouds. We could call them the fundamental building blocks or bricks of the cloud, and we could think of moving to the cloud as the assembly of those bricks into something usable. Or so one would think.

Continue reading Is the Cloud Just So Many Legos?

Will the Public Cloud Be the Next Legacy Platform?

CloudComputingRight now, the three major public clouds (Amazon, Microsoft, and Google) seem all shiny and new, like many technologies seemed at some point in the past. Let’s see if we can learn from history and assess the risk of the public cloud’s becoming just another legacy platform.

Continue reading Will the Public Cloud Be the Next Legacy Platform?