Ask the Experts

Ask the Experts

Virtualization security issues and threats

• Can monitoring help defend against Sanny malware update?

  Changes to the Sanny malware were recently discovered by FireEye researchers. Learn who is at risk and how elevated privileges can help protect you with Nick Lewis.  Continue Reading

• Secure encrypted virtualization: How is this technology exploited?

  Researchers claim to have found a new attack against VMs that affects SEV technology. Expert Judith Myerson explains what this attack is and how it can be exploited.  Continue Reading

• How is Oracle Micros POS affected by CVE 2018-2636?

  A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability.  Continue Reading

• How did the Panera Bread website expose customers?

  Panera Bread website users were put at risk after a security researcher discovered a vulnerability relating to a lack of authentication for their publicly available API endpoint.  Continue Reading

• VMs per host: What are the risks of multiple connections?

  While there are no set rules, there are some security recommendations when it comes to virtual machines running on one host. Learn the best practices with expert Matt Pascucci.  Continue Reading

• VMware AppDefense: How will it address endpoint security?

  VMware announced AppDefense, its latest effort to help improve endpoint security. Matt Pascucci explains how AppDefense addresses applications in vSphere environments.  Continue Reading

• Application containers: What are the major risks?

  NIST recently issued guidance on mitigating the security risks of application containers. Expert Judith Myerson outlines some of the risks and fixes highlighted in the guide.  Continue Reading

• How can enterprises stop the Flip Feng Shui exploit from hijacking VMs?

  The Flip Feng Shui attack can target virtual machines. Expert Judith Myerson explains the exploit and describes how to prevent it from hijacking enterprise VMs.  Continue Reading

• What's the difference between software containers and sandboxing?

  Understanding the difference between software containers and sandboxing can help enterprises make the right decision about which to use. Expert Matthew Pascucci explains them.  Continue Reading

• Do DMZ networks still provide security benefits for enterprises?

  DMZ networks were once widely used by enterprises, but are they still common today? Expert Judith Myerson explains why DMZs may be a good security option for some organizations.  Continue Reading

• Should the Netdump flaw deter enterprise ODL SDN use?

  The benefits of the ODL SDN platform are promising, but what about the recent Netdump flaw it experienced? Expert Kevin Beaver discusses why you may not want to pass on OpenDayligh just yet.  Continue Reading

• Virtualization security concerns: The threat of hypervisor malware

  What is hypervisor malware, and how worried should enterprises employing virtualization be about it? Threats expert Nick Lewis explains.  Continue Reading

• Is it more secure to have a mainframe or a collection of servers?

  The general public may think that mainframe computing is a thing of the past, but expert Michael Cobb reviews why the mainframe is still the cornerstone most large IT projects.  Continue Reading

• Why can't antimalware tools scan inside virtual machines?

  You'd think that it would be easy for an antimalware tool to see what's going on inside a virtual workstation. Unfortunately, it's not. In this expert Q&A, Ed Skoudis explains the difficulty of scanning a guest virtual machine.  Continue Reading

• How can rootkit hypervisors affect operating system security?

  What can rookit hypervisors do to your operating system? "Whatever their creators want!" says application security expert Michael Cobb. In this SearchSecurity.com Q&A, Cobb explains how rootkit hypervisors could defeat the security defenses of a ...  Continue Reading