the State of Security

VirtSec

I Want My ROI!

by Michael Lohr

About a month ago, Mark Gaydos and Chris Hoff(Security Pros Say VirtSec Is An Operations Problem?) discussed who owned security for the virtualization space. Mark thought that it was interesting that security did not want to own the virtualization space and Hoff added a wrinkle, saying security was never involved in the first place so [...]

Read More

Locked Out of Your Virtual Network?

by ~Previous Contributers

By: Mark Gaydos I was reading the San Francisco chronicle article that is going around the blogs called “SF Officials Locked Out of Computer Network” in which a disgruntled administrator locked everyone out of the city’s network. And I wondered if this or something similar could happen in a virtual environment? I was talking to [...]

Read More

Walk Before You Run: Most Admins Coming Up To Speed On VirtSec

by ~Previous Contributers

By: Mark Gaydos I was reading “VMware’s ESX Hardening Guideline Falls Far Short of ‘Secure’” by Edward L. Haletky in which he describes how the VMware Hardening Guideline falls short of creating a completely secure virtual environment. The thing that struck me is that many administrators are just trying to “walk” before they “run” when [...]

Read More

Is the ESX Hardening Guideline enough?

by Gavin Millard

I’m just on my way home from presenting at the Future of the Datacenter Conference in London. The event was well attended and a lot of questions from the people I met on the stand before I went on stage were around virtualization and what Tripwire did to help with this “emerging” technology. Everyone saw [...]

Read More

Ok, I’m insecure now what?

by Michael Lohr

In my last blog I hopefully pointed you down the path to testing the security configuration of your ESX server. By the way, this is not the end all be all for your security needs but just another arrow in your quiver of defense in depth. No one product is going to completely provide security–heck [...]

Read More

How to use ConfigCheck

by Gavin Millard

UPDATE: Thanks to our excellent Product Management team we now have install instructions included in the download of ConfigCheck and directly on the website. I’ll leave my howto below just in case anyone likes to read installation notes with a British slant to them. I’ve seen a few emails floating about with regards to Tripwire [...]

Read More

← Previous Entries