‘Slowly Learning that Fact’ – Virtualization Security Training courses

Title inspired by ‘Undertow’

If you are employed by a company of reasonable size you know the drill; new year, new training plans and renewed hope for some budget to fund that plan. After i managed to get on a VMWare vSphere course last year, which turned out to be a little light on security content side,  i was looking for a training class that is focusing on security challenges in virtualized environments. Not that i have high hopes to get it funded anyway but it seems to be quite difficult to even find a training class that would offer this kind of education. Digging through the information available online i came up with the (rather short and probably incomplete) list below.

SANS 577: Virtualization Security Fundamentals

No surprise here; SANS recognized the need for some kind of formal training and Dave Shackleford designed this 2 day course. I have no idea how good it is but it’s unlikely a SANS course is anything less than top notch. Sadly no dates for a class room based training in EMEA at this point.

Hacking Uncovered: VMWare

If i’m not mistaken this class is Tim Pierson’s and was discussed briefly in one of the last Virtualization Security Round Table podcasts. The course agenda looks promising and covers a lot of ground. Similar to SANS 577 it seems only available in the US however.

ITL Virtualization (In)Security

I’m not sure what the status with this training is; InvisibleThingsLab are looking at the virtualization security topic from a more development/hardware angle and there is no information available if the BlackHat’09 training course ever made it into a scheduled class outside conferences.

Catbird’s Certified Virtual Security Professional

Catbird was early on the market with a certification and accompanying coursework. Unfortunately i have no information whether this is a vendor specific training or when and how it is offered. I’d assume mainly Catbird customers will go for this training.

And this concludes the training offerings i was able to find online. I expected at least the ‘big 3’ (VMWare, Microsoft, Citrix) to have their own courses in place by now but so far security seems to play only a minor role in virtualization training publicly available . If you happen to have more details on this topic please feel free to let me know (Daniel AT virturity dot com) and i’ll update the posting accordingly.

Now let’s see how i convince my boss to fund that SANS course…