SlideShare a Scribd company logo

The Dynamic Nature of Virtualization Security

Rapid7
Rapid7

The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional “scan-and-patch” vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. This whitepaper explores the challenges of securing a virtualized environment and gives actionable solutions to address them.

Technology
1 of 5
Download to read offline
White Paper The Dynamic Nature of Virtualization Security The need for real-time vulnerability management and risk assessment
Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com Introduction Virtualization is radically shifting how enterprises deploy, deliver, and manage applications and data. It offers tremendous benefits for business efficiency and agility: resource consolidation for controlling costs, greater scalability and higher utilization of existing assets and applications, and flexibility for adapting assets to meet current business demands. Forrester asserts: “Virtualization is the norm; deploying a physical server is the exception.” It found that “server virtualization is nearly ubiquitous,” that “85 percent of organizations have adopted or are planning to adopt x86 server virtualization,” and that “79 percent of firms have or are planning to institute a ‘virtualization first’ policy.” By 2014, Forrester predicts that 75 percent of all servers will be virtualized. (“The CISO’s Guide to Virtualization Security,” by Rick Holland, et al., Forrester Research, Inc., January 12, 2012.) Similarly, Information Week reports that adoption of server virtualization has grown to 97 percent in survey-respondent data centers. It also reports similar adoption rates in storage virtualization (86 percent), application virtualization (88 percent), and desktop virtualization (76 percent). (“Next-Generation VM Security,” by Kurt Marko, Information Week reports, June 2012). As more enterprises virtualize their infrastructures, they also face new threat vectors. In the rush to virtualize applications and other assets and realize the fiscal and management benefits of virtualization, IT managers must continue to protect IT infrastructures from hacking incidents, inadvertent insider damage, and malware attacks. Servers, applications, networks, and end-user devices are becoming dynamic and unpredictable. Virtualized assets are susceptible to the same threats and vulnerabilities as traditional assets but traditional security devices offer limited visibility into virtualized environments, where assets and their security postures are constantly changing. Incidents in virtualized servers can escalate rapidly and cause considerable damage. Determining the risk level associated with a given vulnerability remains vital to prioritizing mitigation tasks. The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional “scan-and-patch” vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. With security infrastructures lagging behind virtualization adoption, a vulnerability management solution that provides immediate risk assessment plays a critical role in helping security managers protect virtualized assets and data. Forrester recommends: You must extend your vulnerability management program into your virtual environment. Server hardening, including patch management and configuration management, is a core element of vulnerability management. A number of good resources are available to assist you with hardening your virtual servers. You must also ensure that you are conducting regular vulnerability assessments, including scanning and penetration testing, of the environment. …You should include virtualization-specific penetration tests to validate the hardening and security controls of the environment. (Forrester, Ibid., p. 9) Scheduled scans remain useful in virtualized environments, but the dynamic character of virtualization presents new kinds of risk. The constantly fluctuating environment requires continuous and comprehensive security monitoring to detect changes as they happen.
Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com The vulnerability management solution should include these capabilities: • Deployable as a virtual machine (VM) • Discover and scan VMs as they spin up and down for vulnerabilities and misconfigurations. • Detect snapshot rollbacks and scan after restores • Track asset migrations and proactively monitor their security postures To better understand the need for these capabilities, consider the challenges and solutions below. Challenge: On or Off? Virtual machines spin up and down all day long. Some VMs may activate many times a day, while others may spin up once a month. An IT administrator can provision, operate, and delete a VM before a traditional vulnerability scanner can check it for vulnerabilities. Periodic scans assign inactive VMs a risk score of 0. There’s inherent risk if that potentially-vulnerable VM spins up again before the next periodic scan kicks off. Solution: Automated Discovery and Scanning Security managers need to know when VMs become active, so they have the option to scan them immediately and assess their risk levels. Without requiring operator intervention, the vulnerability management solution should be able to interact with the hypervisor to detect VMs as they come online and maintain an accurate database of discovered resources. More importantly, a security manager should have the option to configure the vulnerability management solution to automatically scan critical resources when they spin up and issue a scan report upon completion. Challenge: Snapshot Rollbacks Storage snapshots are a valuable data protection capability. However, a rollback or restore may expose a VM, and the system it resides upon, to a previously fixed vulnerability. For example, rollbacks may revert a VM to an older software version that needs critical patching. A periodic scan may not discover this exposure for days or weeks. Another scenario is a rollback reinstates a configuration error or other vulnerability that is exploitable by malware, and a malware attack may have caused the crash. Solution: Rollback Detection and Automated Scanning If the vulnerability management solution is in communication with the hypervisor, it should be able to detect rollbacks and restores and send an alert to the management console. The security manager should have the option to configure the vulnerability management solution to automatically scan assets after a rollback or restore and issue a scan report upon completion. For example, such scans can immediately verify that software versions remain compliant with policies after a rollback, or expose the exploitable errors or vulnerabilities and allow security managers to mitigate them.
Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com Challenge: Virtual Machine Migration Live migrations of VMs to other hosts, using features such as VMware vMotion, helps server managers adjust server utilization and maintain performance levels without service interruption. Migrations may be a proactive management task, but more often they occur as a result of a catastrophic failure. Some failures, such as loss of an asset pool, can trigger migrations to another asset pool or even to another site. The security manager needs visibility to track migrations as they happen, verifying that security posture of migrated assets does not change. Solution: Automated Scanning Vulnerability assessments can help security managers determine the cause and type of such a failure. They need visibility not only within an asset pool or site, but among multiple pools or sites in the case of co-located or distributed data centers. The hypervisor detects the migration, and the vulnerability management solution should recognize it and send an alert to the security manager. Again, the security manager should have the option to configure the vulnerability management software to automatically scan migrated assets and issue a scan report upon completion. What About Hypervisor Security? A 2009 IBM report suggested that the hypervisor platform contained dozens of vulnerabilities. This report sparked industry discussions that securing a virtualized environment presents a new set of risks, but emphasized securing the hypervisor itself. Hypervisor vulnerabilities are static. Conventional scanners can identify these vulnerabilities, and administrators can remediate them using conventional scan-and-patch processes. The IBM study failed to address the dynamic nature of the entire virtualized infrastructure. There is general agreement that the hypervisor is an ideal location to deploy security solutions such as anti-malware systems. That said, in a 2011 report, Forrester “addressed the security of the hypervisor and concluded that it introduces some marginal risk to the server environment but that concerns are largely overblown.” (Forrester, Ibid., p. 6.) Solution: Rapid7 Security Risk Intelligence Rapid7 Security Risk Intelligence is a data-driven approach to risk assessment and vulnerability management that weighs the value of data sets when measuring risk. Rapid7 offers a powerful combination of innovative vulnerability management and penetration testing solutions along with deep security expertise to identify and prioritize the dynamic security risks of virtualized environments. Rapid7 Nexpose is the industry’s first vulnerability management solution with capabilities, such as Continuous Discovery, designed specifically for virtualized environments. Working closely with VMware, Rapid7 continues to add virtualization-specific capabilities into Nexpose, its vulnerability management and risk-assessment solution. Nexpose is the only third party vulnerability management solution included in the VMware security reference architecture. Additionally, Rapid7 Metasploit can be used in conjunction with Nexpose to validate risk in IT environments based on actual exploitability of vulnerabilities, both in physical and in virtual environments.
Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com How Rapid7 Can Help Rapid7 is a leader in security risk intelligence that can help you gain valuable insight into your security posture, through both products and services. Headquartered in Boston, MA, Rapid7 was founded in 2000. In response to the increasing security threat environment, the company developed its award-winning vulnerability management solution Nexpose. In 2009, Rapid7 acquired Metasploit, the leading penetration testing platform with the world’s largest quality assured exploit database. The combination of both products has resulted in the company’s integrated security risk intelligence portfolio, designed to provide organizations with unique insight into their threat and risk posture. Rapid7 also has a professional services unit that conducts product deployments and trainings as well as security assessments. If you have questions on how you could improve your organization’s security posture, would like to evaluate Rapid7’s vulnerability management or penetration testing products, or would like to talk to Rapid7’s professional services team, please contact Rapid7 at info@rapid7.com, call +1.617.247.1717, or visit www.rapid7.com.

Recommended

Get Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMGet Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMRapid7
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
20 Security Controls for the Cloud
20 Security Controls for the Cloud20 Security Controls for the Cloud
20 Security Controls for the CloudNetStandard
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security Kofax
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsShah Sheikh
 
How to Increase ICS Cybersecurity Return on Investment (ROI)
How to Increase ICS Cybersecurity Return on Investment (ROI) How to Increase ICS Cybersecurity Return on Investment (ROI)
How to Increase ICS Cybersecurity Return on Investment (ROI) Dragos, Inc.
 
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemThe Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemLancope, Inc.
 

Recommended

Get Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMGet Real-Time Cyber Threat Protection with Risk Management and SIEM
Get Real-Time Cyber Threat Protection with Risk Management and SIEMRapid7
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
20 Security Controls for the Cloud
20 Security Controls for the Cloud20 Security Controls for the Cloud
20 Security Controls for the CloudNetStandard
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security Kofax
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsShah Sheikh
 
How to Increase ICS Cybersecurity Return on Investment (ROI)
How to Increase ICS Cybersecurity Return on Investment (ROI) How to Increase ICS Cybersecurity Return on Investment (ROI)
How to Increase ICS Cybersecurity Return on Investment (ROI) Dragos, Inc.
 
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemThe Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch SystemLancope, Inc.
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesAtif Ghauri
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalMahmoud Yassin
 
Cheatsheet for your cloud project
Cheatsheet for your cloud projectCheatsheet for your cloud project
Cheatsheet for your cloud projectPetteri Heino
 
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security ControlsEbook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security ControlsDominique Dessy
 
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...Risk Analysis Consultants, s.r.o.
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Splunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case StudySplunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case StudyAndrew Gerber
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and OrchestrationGreg Foss
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
 
Industrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology SelectionIndustrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology SelectionDragos, Inc.
 
Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...John M. Willis
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyPriyanka Aash
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on VehiclesPriyanka Aash
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMEAlienVault
 
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos, Inc.
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmAlienVault
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attacknewbie2019
 
Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & Forensics Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & ForensicsPriyanka Aash
 
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...Rapid7
 
Rapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance GuideRapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance GuideRapid7
 

More Related Content

What's hot

Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesAtif Ghauri
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalMahmoud Yassin
 
Cheatsheet for your cloud project
Cheatsheet for your cloud projectCheatsheet for your cloud project
Cheatsheet for your cloud projectPetteri Heino
 
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security ControlsEbook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security ControlsDominique Dessy
 
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...Risk Analysis Consultants, s.r.o.
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controlsAlienVault
 
Splunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case StudySplunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case StudyAndrew Gerber
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and OrchestrationGreg Foss
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
 
Industrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology SelectionIndustrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology SelectionDragos, Inc.
 
Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...John M. Willis
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case StudyDigital Bond
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyPriyanka Aash
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on VehiclesPriyanka Aash
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMEAlienVault
 
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos, Inc.
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmAlienVault
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attacknewbie2019
 
Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & Forensics Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & ForensicsPriyanka Aash
 

What's hot (20)

Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security Innovation
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for Dummies
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
Cheatsheet for your cloud project
Cheatsheet for your cloud projectCheatsheet for your cloud project
Cheatsheet for your cloud project
 
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security ControlsEbook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
 
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
QualysGuard InfoDay 2013 - QualysGuard Security & Compliance Suite supporting...
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Splunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case StudySplunk for Security: Background & Customer Case Study
Splunk for Security: Background & Customer Case Study
 
Security Automation and Orchestration
Security Automation and OrchestrationSecurity Automation and Orchestration
Security Automation and Orchestration
 
From SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity ChasmFrom SIEM to SOC: Crossing the Cybersecurity Chasm
From SIEM to SOC: Crossing the Cybersecurity Chasm
 
Industrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology SelectionIndustrial Control Systems Cybersecurity Technology Selection
Industrial Control Systems Cybersecurity Technology Selection
 
Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...Extending the 20 critical security controls to gap assessments and security m...
Extending the 20 critical security controls to gap assessments and security m...
 
Accelerating OT - A Case Study
Accelerating OT - A Case StudyAccelerating OT - A Case Study
Accelerating OT - A Case Study
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyWhat We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
 
Security Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SMESecurity Operations Center (SOC) Essentials for the SME
Security Operations Center (SOC) Essentials for the SME
 
Dragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations CenterDragos S4x20: How to Build an OT Security Operations Center
Dragos S4x20: How to Build an OT Security Operations Center
 
Improve threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usmImprove threat detection with hids and alien vault usm
Improve threat detection with hids and alien vault usm
 
Vulnerability threat and attack
Vulnerability threat and attackVulnerability threat and attack
Vulnerability threat and attack
 
Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & Forensics Incident Response: Validation, Containment & Forensics
Incident Response: Validation, Containment & Forensics
 

Viewers also liked

Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...Rapid7
 
Rapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance GuideRapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance GuideRapid7
 
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.Rapid7
 
Rapid7 CAG Compliance Guide
Rapid7 CAG Compliance GuideRapid7 CAG Compliance Guide
Rapid7 CAG Compliance GuideRapid7
 
IT Security in Higher Education
IT Security in Higher EducationIT Security in Higher Education
IT Security in Higher EducationRapid7
 
Combating Phishing Attacks
Combating Phishing AttacksCombating Phishing Attacks
Combating Phishing AttacksRapid7
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?Rapid7
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceRapid7
 
Protecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraProtecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraRapid7
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7Rapid7
 

Viewers also liked (11)

Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS C...
 
Rapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance GuideRapid7 FISMA Compliance Guide
Rapid7 FISMA Compliance Guide
 
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
 
Rapid7 CAG Compliance Guide
Rapid7 CAG Compliance GuideRapid7 CAG Compliance Guide
Rapid7 CAG Compliance Guide
 
IT Security in Higher Education
IT Security in Higher EducationIT Security in Higher Education
IT Security in Higher Education
 
Combating Phishing Attacks
Combating Phishing AttacksCombating Phishing Attacks
Combating Phishing Attacks
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?
 
Rapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government SectorRapid7 Report: Data Breaches in the Government Sector
Rapid7 Report: Data Breaches in the Government Sector
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
 
Protecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH EraProtecting Patient Health Information in the HITECH Era
Protecting Patient Health Information in the HITECH Era
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
 

Similar to The Dynamic Nature of Virtualization Security

2_24551_Virtualization_SC_0113
2_24551_Virtualization_SC_01132_24551_Virtualization_SC_0113
2_24551_Virtualization_SC_0113Jim Romeo
 
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response Team
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response TeamWHITE PAPER: Threats to Virtual Environments - Symantec Security Response Team
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response TeamSymantec
 
Risk Analysis and Mitigation in Virtualized Environments
Risk Analysis and Mitigation in Virtualized EnvironmentsRisk Analysis and Mitigation in Virtualized Environments
Risk Analysis and Mitigation in Virtualized EnvironmentsSiddharth Coontoor
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperTawnia Beckwith
 
PCI DSS & Virtualization
PCI DSS & Virtualization PCI DSS & Virtualization
PCI DSS & VirtualizationTobyRobinson13
 
user centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centeruser centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centerVenkat Projects
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementAnton Chuvakin
 
IT Security Risk Mitigation Report: Virtualization Security
IT Security Risk Mitigation Report: Virtualization SecurityIT Security Risk Mitigation Report: Virtualization Security
IT Security Risk Mitigation Report: Virtualization SecurityBooz Allen Hamilton
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Bossrbrockway
 
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...Aricent
 
Top 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTop 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTawnia Beckwith
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudSwapna Shetye
 
Esg solution showcase considerations for protecting converged systems and ...
Esg solution showcase considerations for protecting converged systems and ...Esg solution showcase considerations for protecting converged systems and ...
Esg solution showcase considerations for protecting converged systems and ...Fernando Alves
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management SystemIRJET Journal
 
Ivanti Security Controls.pptx
Ivanti Security Controls.pptxIvanti Security Controls.pptx
Ivanti Security Controls.pptxFarhanSaifudin2
 
EastNets Compliance Solutions
EastNets Compliance SolutionsEastNets Compliance Solutions
EastNets Compliance SolutionsEastNets
 
Integration of Qualys with HCL BigFix Insights for Vulnerability Remediation
Integration of Qualys with HCL BigFix Insights for Vulnerability RemediationIntegration of Qualys with HCL BigFix Insights for Vulnerability Remediation
Integration of Qualys with HCL BigFix Insights for Vulnerability RemediationHCLSoftware
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printjames morris
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixHCLSoftware
 

Similar to The Dynamic Nature of Virtualization Security (20)

2_24551_Virtualization_SC_0113
2_24551_Virtualization_SC_01132_24551_Virtualization_SC_0113
2_24551_Virtualization_SC_0113
 
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response Team
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response TeamWHITE PAPER: Threats to Virtual Environments - Symantec Security Response Team
WHITE PAPER: Threats to Virtual Environments - Symantec Security Response Team
 
Risk Analysis and Mitigation in Virtualized Environments
Risk Analysis and Mitigation in Virtualized EnvironmentsRisk Analysis and Mitigation in Virtualized Environments
Risk Analysis and Mitigation in Virtualized Environments
 
Getting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paperGetting the Most Value from VM and Compliance Programs white paper
Getting the Most Value from VM and Compliance Programs white paper
 
Managing The Virtualized Enterprise New Technology, New Challenges
Managing The Virtualized Enterprise New Technology, New ChallengesManaging The Virtualized Enterprise New Technology, New Challenges
Managing The Virtualized Enterprise New Technology, New Challenges
 
PCI DSS & Virtualization
PCI DSS & Virtualization PCI DSS & Virtualization
PCI DSS & Virtualization
 
user centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations centeruser centric machine learning framework for cyber security operations center
user centric machine learning framework for cyber security operations center
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability Management
 
IT Security Risk Mitigation Report: Virtualization Security
IT Security Risk Mitigation Report: Virtualization SecurityIT Security Risk Mitigation Report: Virtualization Security
IT Security Risk Mitigation Report: Virtualization Security
 
Enterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A BossEnterprise Class Vulnerability Management Like A Boss
Enterprise Class Vulnerability Management Like A Boss
 
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...
Aricent Highly Automated Vulnerability Assessment Orchestration Containers (H...
 
Top 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management ProviderTop 10 Questions to Ask Your Vulnerability Management Provider
Top 10 Questions to Ask Your Vulnerability Management Provider
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus Cloud
 
Esg solution showcase considerations for protecting converged systems and ...
Esg solution showcase considerations for protecting converged systems and ...Esg solution showcase considerations for protecting converged systems and ...
Esg solution showcase considerations for protecting converged systems and ...
 
Vulnerability Management System
Vulnerability Management SystemVulnerability Management System
Vulnerability Management System
 
Ivanti Security Controls.pptx
Ivanti Security Controls.pptxIvanti Security Controls.pptx
Ivanti Security Controls.pptx
 
EastNets Compliance Solutions
EastNets Compliance SolutionsEastNets Compliance Solutions
EastNets Compliance Solutions
 
Integration of Qualys with HCL BigFix Insights for Vulnerability Remediation
Integration of Qualys with HCL BigFix Insights for Vulnerability RemediationIntegration of Qualys with HCL BigFix Insights for Vulnerability Remediation
Integration of Qualys with HCL BigFix Insights for Vulnerability Remediation
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_print
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
 

More from Rapid7

[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...
[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...
[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...Rapid7
 
OpenSSL Heartbleed Vulnerability Explained & Tips for Protection
OpenSSL Heartbleed Vulnerability Explained & Tips for ProtectionOpenSSL Heartbleed Vulnerability Explained & Tips for Protection
OpenSSL Heartbleed Vulnerability Explained & Tips for ProtectionRapid7
 
How to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessHow to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessRapid7
 
Penetration Testing Techniques - DREAD Methodology
Penetration Testing Techniques - DREAD MethodologyPenetration Testing Techniques - DREAD Methodology
Penetration Testing Techniques - DREAD MethodologyRapid7
 
Life's a Breach: Yahoo Gets Burned by SQL Injection
Life's a Breach: Yahoo Gets Burned by SQL InjectionLife's a Breach: Yahoo Gets Burned by SQL Injection
Life's a Breach: Yahoo Gets Burned by SQL InjectionRapid7
 
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7
 
How to Sell Security to Your CIO
How to Sell Security to Your CIOHow to Sell Security to Your CIO
How to Sell Security to Your CIORapid7
 

More from Rapid7 (7)

[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...
[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...
[INFOGRAPHIC] The Credit Card Criminal's Playbook: A Retail Data Breach Attac...
 
OpenSSL Heartbleed Vulnerability Explained & Tips for Protection
OpenSSL Heartbleed Vulnerability Explained & Tips for ProtectionOpenSSL Heartbleed Vulnerability Explained & Tips for Protection
OpenSSL Heartbleed Vulnerability Explained & Tips for Protection
 
How to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's EffectivenessHow to Manage Your Security Control's Effectiveness
How to Manage Your Security Control's Effectiveness
 
Penetration Testing Techniques - DREAD Methodology
Penetration Testing Techniques - DREAD MethodologyPenetration Testing Techniques - DREAD Methodology
Penetration Testing Techniques - DREAD Methodology
 
Life's a Breach: Yahoo Gets Burned by SQL Injection
Life's a Breach: Yahoo Gets Burned by SQL InjectionLife's a Breach: Yahoo Gets Burned by SQL Injection
Life's a Breach: Yahoo Gets Burned by SQL Injection
 
Rapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance GuideRapid7 NERC-CIP Compliance Guide
Rapid7 NERC-CIP Compliance Guide
 
How to Sell Security to Your CIO
How to Sell Security to Your CIOHow to Sell Security to Your CIO
How to Sell Security to Your CIO
 

Recently uploaded

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 

The Dynamic Nature of Virtualization Security

  • 1. White Paper The Dynamic Nature of Virtualization Security The need for real-time vulnerability management and risk assessment
  • 2. Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com Introduction Virtualization is radically shifting how enterprises deploy, deliver, and manage applications and data. It offers tremendous benefits for business efficiency and agility: resource consolidation for controlling costs, greater scalability and higher utilization of existing assets and applications, and flexibility for adapting assets to meet current business demands. Forrester asserts: “Virtualization is the norm; deploying a physical server is the exception.” It found that “server virtualization is nearly ubiquitous,” that “85 percent of organizations have adopted or are planning to adopt x86 server virtualization,” and that “79 percent of firms have or are planning to institute a ‘virtualization first’ policy.” By 2014, Forrester predicts that 75 percent of all servers will be virtualized. (“The CISO’s Guide to Virtualization Security,” by Rick Holland, et al., Forrester Research, Inc., January 12, 2012.) Similarly, Information Week reports that adoption of server virtualization has grown to 97 percent in survey-respondent data centers. It also reports similar adoption rates in storage virtualization (86 percent), application virtualization (88 percent), and desktop virtualization (76 percent). (“Next-Generation VM Security,” by Kurt Marko, Information Week reports, June 2012). As more enterprises virtualize their infrastructures, they also face new threat vectors. In the rush to virtualize applications and other assets and realize the fiscal and management benefits of virtualization, IT managers must continue to protect IT infrastructures from hacking incidents, inadvertent insider damage, and malware attacks. Servers, applications, networks, and end-user devices are becoming dynamic and unpredictable. Virtualized assets are susceptible to the same threats and vulnerabilities as traditional assets but traditional security devices offer limited visibility into virtualized environments, where assets and their security postures are constantly changing. Incidents in virtualized servers can escalate rapidly and cause considerable damage. Determining the risk level associated with a given vulnerability remains vital to prioritizing mitigation tasks. The cornerstones of a proactive security strategy are vulnerability management and risk assessment. However, traditional “scan-and-patch” vulnerability scanning approaches are inadequate for dynamic, virtualized environments. Traditional scanners cannot track changes in real time, so they cannot accurately measure constantly changing risks. Anyone charged with securing IT assets needs to understand the dynamic security risks inherent to virtualized environments, and more importantly, what to do to mitigate those risks. With security infrastructures lagging behind virtualization adoption, a vulnerability management solution that provides immediate risk assessment plays a critical role in helping security managers protect virtualized assets and data. Forrester recommends: You must extend your vulnerability management program into your virtual environment. Server hardening, including patch management and configuration management, is a core element of vulnerability management. A number of good resources are available to assist you with hardening your virtual servers. You must also ensure that you are conducting regular vulnerability assessments, including scanning and penetration testing, of the environment. …You should include virtualization-specific penetration tests to validate the hardening and security controls of the environment. (Forrester, Ibid., p. 9) Scheduled scans remain useful in virtualized environments, but the dynamic character of virtualization presents new kinds of risk. The constantly fluctuating environment requires continuous and comprehensive security monitoring to detect changes as they happen.
  • 3. Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com The vulnerability management solution should include these capabilities: • Deployable as a virtual machine (VM) • Discover and scan VMs as they spin up and down for vulnerabilities and misconfigurations. • Detect snapshot rollbacks and scan after restores • Track asset migrations and proactively monitor their security postures To better understand the need for these capabilities, consider the challenges and solutions below. Challenge: On or Off? Virtual machines spin up and down all day long. Some VMs may activate many times a day, while others may spin up once a month. An IT administrator can provision, operate, and delete a VM before a traditional vulnerability scanner can check it for vulnerabilities. Periodic scans assign inactive VMs a risk score of 0. There’s inherent risk if that potentially-vulnerable VM spins up again before the next periodic scan kicks off. Solution: Automated Discovery and Scanning Security managers need to know when VMs become active, so they have the option to scan them immediately and assess their risk levels. Without requiring operator intervention, the vulnerability management solution should be able to interact with the hypervisor to detect VMs as they come online and maintain an accurate database of discovered resources. More importantly, a security manager should have the option to configure the vulnerability management solution to automatically scan critical resources when they spin up and issue a scan report upon completion. Challenge: Snapshot Rollbacks Storage snapshots are a valuable data protection capability. However, a rollback or restore may expose a VM, and the system it resides upon, to a previously fixed vulnerability. For example, rollbacks may revert a VM to an older software version that needs critical patching. A periodic scan may not discover this exposure for days or weeks. Another scenario is a rollback reinstates a configuration error or other vulnerability that is exploitable by malware, and a malware attack may have caused the crash. Solution: Rollback Detection and Automated Scanning If the vulnerability management solution is in communication with the hypervisor, it should be able to detect rollbacks and restores and send an alert to the management console. The security manager should have the option to configure the vulnerability management solution to automatically scan assets after a rollback or restore and issue a scan report upon completion. For example, such scans can immediately verify that software versions remain compliant with policies after a rollback, or expose the exploitable errors or vulnerabilities and allow security managers to mitigate them.
  • 4. Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com Challenge: Virtual Machine Migration Live migrations of VMs to other hosts, using features such as VMware vMotion, helps server managers adjust server utilization and maintain performance levels without service interruption. Migrations may be a proactive management task, but more often they occur as a result of a catastrophic failure. Some failures, such as loss of an asset pool, can trigger migrations to another asset pool or even to another site. The security manager needs visibility to track migrations as they happen, verifying that security posture of migrated assets does not change. Solution: Automated Scanning Vulnerability assessments can help security managers determine the cause and type of such a failure. They need visibility not only within an asset pool or site, but among multiple pools or sites in the case of co-located or distributed data centers. The hypervisor detects the migration, and the vulnerability management solution should recognize it and send an alert to the security manager. Again, the security manager should have the option to configure the vulnerability management software to automatically scan migrated assets and issue a scan report upon completion. What About Hypervisor Security? A 2009 IBM report suggested that the hypervisor platform contained dozens of vulnerabilities. This report sparked industry discussions that securing a virtualized environment presents a new set of risks, but emphasized securing the hypervisor itself. Hypervisor vulnerabilities are static. Conventional scanners can identify these vulnerabilities, and administrators can remediate them using conventional scan-and-patch processes. The IBM study failed to address the dynamic nature of the entire virtualized infrastructure. There is general agreement that the hypervisor is an ideal location to deploy security solutions such as anti-malware systems. That said, in a 2011 report, Forrester “addressed the security of the hypervisor and concluded that it introduces some marginal risk to the server environment but that concerns are largely overblown.” (Forrester, Ibid., p. 6.) Solution: Rapid7 Security Risk Intelligence Rapid7 Security Risk Intelligence is a data-driven approach to risk assessment and vulnerability management that weighs the value of data sets when measuring risk. Rapid7 offers a powerful combination of innovative vulnerability management and penetration testing solutions along with deep security expertise to identify and prioritize the dynamic security risks of virtualized environments. Rapid7 Nexpose is the industry’s first vulnerability management solution with capabilities, such as Continuous Discovery, designed specifically for virtualized environments. Working closely with VMware, Rapid7 continues to add virtualization-specific capabilities into Nexpose, its vulnerability management and risk-assessment solution. Nexpose is the only third party vulnerability management solution included in the VMware security reference architecture. Additionally, Rapid7 Metasploit can be used in conjunction with Nexpose to validate risk in IT environments based on actual exploitability of vulnerabilities, both in physical and in virtual environments.
  • 5. Rapid7 Corporate Headquarters 800 Boylston Street, Prudential Tower, 29th Floor, Boston, MA 02199-8095 617.247.1717 www.rapid7.com How Rapid7 Can Help Rapid7 is a leader in security risk intelligence that can help you gain valuable insight into your security posture, through both products and services. Headquartered in Boston, MA, Rapid7 was founded in 2000. In response to the increasing security threat environment, the company developed its award-winning vulnerability management solution Nexpose. In 2009, Rapid7 acquired Metasploit, the leading penetration testing platform with the world’s largest quality assured exploit database. The combination of both products has resulted in the company’s integrated security risk intelligence portfolio, designed to provide organizations with unique insight into their threat and risk posture. Rapid7 also has a professional services unit that conducts product deployments and trainings as well as security assessments. If you have questions on how you could improve your organization’s security posture, would like to evaluate Rapid7’s vulnerability management or penetration testing products, or would like to talk to Rapid7’s professional services team, please contact Rapid7 at info@rapid7.com, call +1.617.247.1717, or visit www.rapid7.com.