Do Meltdown and Spectre invalidate the cloud? Do modern security issues invalidate the cloud? Does lack of provable security invalidate the cloud? But isn’t it provable? These are pretty strong statements, but the latest Spectre patch microcode recall for certain CPUs is starting to make some companies rethink their use of the cloud. What type …
TVP Category Archives
Treasure Troves and Intel Speculative Execution
The January 3, 2018 Virtualization and Cloud Security Podcast covered two very important issues: the treasure troves used as bases for attacks and the Intel CPU speculative execution bug. The former allows people to access critical cloud and internal resources, while the later allows elevation of privileges to see and act upon data within the CPU …
Continue reading “Treasure Troves and Intel Speculative Execution”
Recent Announcements: This Is New December 2017
Past and current partners have made a number of end-of-year announcements that have crossed our news desk. Some convey significant changes, others incremental changes. Some even herald complete turnarounds in direction. Starting with this article, we plan to bring you a monthly synopsis of the announcements our news desk receives. Without further ado, here is …
Continue reading “Recent Announcements: This Is New December 2017”
The Best of 2018
It is now time for us to look over the past year and put together our “best of” compilations. However, I want to change that around and look at the best of 2018. Yes, next year. Pulling out my crystal ball, I see there is quite a bit to look forward to. 2017 was a …
Holiday Security
As we continue into the holiday season, it is worth listening to the Virtualization and Cloud Security Podcast from last December on consumer and holiday security. Consumer security is not the antithesis of IT security, but it is something every consumer should be concerned about. Here is our short list of annual education items. In …
Threat Modelling: The Now of IT
Threat modelling was the subject of the latest Virtualization Security Podcast (which I am still trying to upload, so time for a new service). Threat modelling is what every security person does, but not necessarily formally. Threat modelling in many ways takes an architecture and looks for well-known threats. One such threat that could come …