The document discusses security risks in virtualized environments. It describes how virtualization works and its benefits, but also notes it can introduce new risks if not implemented securely. Specifically, it outlines risks of attacks on the virtualization infrastructure like hyperjacking, attacks on virtualization features that could allow information leakage, and compliance and management challenges around licensing and configurations. It provides examples of controls organizations can implement, like access controls and hardening virtual machines. Finally, it presents a case study of an audit of a company's virtualized environment and concludes with best practices organizations should follow for virtualization security.