Ask the Experts

Ask the Experts

Virtualization security issues and threats

• How is Oracle Micros POS affected by CVE 2018-2636?

  A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability.  Continue Reading

• How did the Panera Bread website expose customers?

  Panera Bread website users were put at risk after a security researcher discovered a vulnerability relating to a lack of authentication for their publicly available API endpoint.  Continue Reading

• VMs per host: What are the risks of multiple connections?

  While there are no set rules, there are some security recommendations when it comes to virtual machines running on one host. Learn the best practices with expert Matt Pascucci.  Continue Reading

• VMware AppDefense: How will it address endpoint security?

  VMware announced AppDefense, its latest effort to help improve endpoint security. Matt Pascucci explains how AppDefense addresses applications in vSphere environments.  Continue Reading

• Application containers: What are the major risks?

  NIST recently issued guidance on mitigating the security risks of application containers. Expert Judith Myerson outlines some of the risks and fixes highlighted in the guide.  Continue Reading

• How can enterprises stop the Flip Feng Shui exploit from hijacking VMs?

  The Flip Feng Shui attack can target virtual machines. Expert Judith Myerson explains the exploit and describes how to prevent it from hijacking enterprise VMs.  Continue Reading

• What's the difference between software containers and sandboxing?

  Understanding the difference between software containers and sandboxing can help enterprises make the right decision about which to use. Expert Matthew Pascucci explains them.  Continue Reading

• Do DMZ networks still provide security benefits for enterprises?

  DMZ networks were once widely used by enterprises, but are they still common today? Expert Judith Myerson explains why DMZs may be a good security option for some organizations.  Continue Reading

• Should the Netdump flaw deter enterprise ODL SDN use?

  The benefits of the ODL SDN platform are promising, but what about the recent Netdump flaw it experienced? Expert Kevin Beaver discusses why you may not want to pass on OpenDayligh just yet.  Continue Reading

• Should hypervisors be part of every enterprise security strategy?

  Vendor hype reports that hypervisors are critical components of an enterprise security strategy -- so, should every company have one? Michael Cobb discusses the benefits.  Continue Reading

• The value of a virtual security gateway in the data center

  Matthew Pascucci discusses virtual security gateway appliances and whether they are a virtual data center necessity or just an overhyped product.  Continue Reading

• JeOs and the benefits of a virtual security appliance

  A virtual security appliance offers enterprises a number of benefits, including an optimized operating system that simplifies patch management.  Continue Reading

• Cloud computing providers and PCI virtualization requirements

  Find out how enterprises should approach cloud computing providers following the debut of the PCI virtualization requirements.  Continue Reading

• Can the VMware PCI Compliance Checker assess my compliance posture?

  The VMware PCI Compliance Checker claims to assess the compliance of a VMware virtual environment. Does it work? SearchSecurity has the answer.  Continue Reading

• Virtualized behavior-based monitoring: Improving performance visibility

  Learn about virtual behavior-based monitoring tactics, which allow for easy anomaly detection and can help defend a virtualization infrastructure.  Continue Reading