Virtualization security issues and threats

Get advice from the experts on all things virtualization security, such as virtualization management, tools, products, training and software. Also learn how the emergence of virtualization products and technology affect enterprise security.

August 17, 2018 17 Aug'18
Intel disclosed Spectre-like L1TF vulnerabilities

News roundup: Intel disclosed L1TF vulnerabilities with similarities to Spectre, but with a focus on data. Plus, the NIST Small Business Cybersecurity Act is now a law, and more.
May 11, 2018 11 May'18
Hardware debug documentation leads to widespread vulnerability

A hardware debug bug, apparently caused by unclear Intel hardware architecture documentation, infested almost all major OSes, as well as leading virtualization software.
May 04, 2018 04 May'18
AMD patches in testing with ecosystem partners

The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track.
March 23, 2018 23 Mar'18
AMD patches for Ryzen chip flaws due 'in the coming weeks'

AMD patches are in the works for the Ryzen and EPYC chip flaws announced without the normal disclosure, but CTS Labs continues to stress the severity of the issues.

Bring yourself up to speed with our introductory content

VMware AppDefense

VMware AppDefense is a data center security service designed to protect virtualized applications running in an enterprise data center in order to improve the protection and threat response performance of an enterprise security operations center (SOC... Continue Reading
Application containers: What are the major risks?

NIST recently issued guidance on mitigating the security risks of application containers. Expert Judith Myerson outlines some of the risks and fixes highlighted in the guide. Continue Reading
Set up VMware VM Encryption for hypervisor-level security

Learn how to set up and run the new VMware vSphere 6.5 VM Encryption feature to improve security by bringing encryption to the hypervisor level. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

VMware AppDefense: How will it address endpoint security?

VMware announced AppDefense, its latest effort to help improve endpoint security. Matt Pascucci explains how AppDefense addresses applications in vSphere environments. Continue Reading
What's the difference between software containers and sandboxing?

Understanding the difference between software containers and sandboxing can help enterprises make the right decision about which to use. Expert Matthew Pascucci explains them. Continue Reading
Do DMZ networks still provide security benefits for enterprises?

DMZ networks were once widely used by enterprises, but are they still common today? Expert Judith Myerson explains why DMZs may be a good security option for some organizations. Continue Reading

Learn to apply best practices and optimize your operations.

Secure encrypted virtualization: How is this technology exploited?

Researchers claim to have found a new attack against VMs that affects SEV technology. Expert Judith Myerson explains what this attack is and how it can be exploited. Continue Reading
Build a secure Docker host environment on Linux systems

In the cutting-edge technology world of containers, don't lose sight of the fundamental security best practices that protect workloads and minimize attack surfaces. Continue Reading
How is Oracle Micros POS affected by CVE 2018-2636?

A security researcher found a security flaw dubbed CVE-2018-2636 that enables the installation of malware on Oracle Micros POS systems. Learn more about the vulnerability. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Can monitoring help defend against Sanny malware update?

Changes to the Sanny malware were recently discovered by FireEye researchers. Learn who is at risk and how elevated privileges can help protect you with Nick Lewis. Continue Reading
Preserve Hyper-V security from Meltdown and Spectre vulnerabilities

Protect Hyper-V VMs from Meltdown and Spectre security vulnerabilities, and install patches from Microsoft. Watch out for future revisions, performance impacts and recalls. Continue Reading
How Docker APIs can be misused to plant malware

Researchers discovered how Docker APIs can be exploited to hide malware. Dave Shackleford explains the attack method and the threat it poses to container and virtual machines. Continue Reading