VMWare Hacking Uncovered

As I’ve mentioned earlier this year i was looking at specialized virtualization security training options aiming to attend one or more throughout the year. Fortunately i was not only able to find a course close to me, i also managed to convince my boss to fund the training (thanks boss). Originally my favourite was SANS […]

Cloud Security Alliance announces certification

With all the news and information coming out of BlackHat 2010 , DefCon 18, BSides Las Vegas and not to forget WikiLeaks these past days the announcement of the first user certification for cloud security┬ádidn’t get much of the attention it probably deserved. The Cloud Security Alliance, in cooperation with the European Network and Information […]

NIST Guide to Security for Full Virtualization Technologies

The National Institute for Standards and Technology is currently working on a new Special Publication (800-125) that deals security concerns around virtualization technology. The paper is currently released as draft for comment and public feedback is requested until August 13th 2010 as described below. “NIST requests comments on draft SP 800-125 by August 13, 2010. […]

Agent-based antivirus in virtualized environments

Someone recently approached me asking for advice on how to configure antivirus on virtualized endpoints as they received complains about poor performance on their infrastructure. After I got very briefly excited that the request would give me a chance to discuss hypervisor based malware protection it turns out that the only option at this point […]

Cloud Controls Matrix by CSA released

I think the announcement of this little gem got lost somewhat in the news around InfoSec Europe. The CloudSecurityAlliance released the Cloud Controls Matrix on the 27th April during the InfoSec Europe event in London/UK. As the press release states “The CSA Cloud Controls Matrix contains 98 controls, identified as being applicable to cloud providers, […]