Intelligence gathering is an oft overlooked aspect of system and data defense in depth. On the 7/12 Virtualization Security podcast we discussed new and old sources of such intelligence. We were joined by Urvish Vashi, VP of marketing, Alert Logic. Alert Logic has updated their report on cloud based security attacks. Add to this the yearly Verizon Breach and other reports, and we start to have a good handle on intelligence of past and possibly future attacks.
TVP Category Archives
Software Defined Security: Is it Achievable?
Cloud based security is about securing the data, yet compliance requirements are often about securing the environment, such as PCI’s requirement for web application firewalls, which protect web servers and perhaps applications and imply protection of data. But they do not directly protect data. How can a Software Defined Data Center implement a form of Software Defined Security automatically to meet not only compliance requirements, but security around a particular mote of data?
Is the Software Defined Data Center the Future?
VMware purchased Nicira, backed the Openflow Community, and is now touting software defined data centers (SDDC). But what is a software defined datacenter? Is it just virtualization or cloud with a software defined network? Or is it something more than that? Given heavy automation and scripting of most clouds, do we not already have SDDC? If not where are we going with this concept? What does SDN add to the mix?
Defense in Depth: Know Your Attack Surfaces
The 6/28 Virtualization Security Podcast we spoke about attacks, defense in depth, and compliance with Davi Ottenhiemer and Matt Wallace. Davi and Matt just published a book on how to defend your virtual environment against attack. Unlike other books, this approaches the problem from the point of view of well know attacks. It even gives examples of some of the more interesting attacks against any of the virtual environments, not just VMware vSphere. The discussion eventually found its way to even newer attacks and their impact on the environment.
Defense in Depth: Storage Security in a Hybrid Cloud
Storage Security is not only about Encryption, which is just one aspect of Storage Security requirements for the virtual and cloud environments. It is also about increasing defense in depth and knowledge of what is touching your storage environment. As well as providing security around those touch points and to a great extent auditing and protecting the data residing within the storage devices regardless of where the devices live: within the virtual environment or within a cloud.
Bromium unveils micro-virtualization trustworthy security vision
One year after announcing that he and XenSource co-founder Ian Pratt were leaving Citrix to launch Bromium with former Pheonix Technologies CTO Gaurav Banga; Simon Crosby was back at the GigaOM Structure conference in San Francisco today to unveil Bromium’s micro-virtualization technology together with its plans to transform enterprise endpoint security.