ESCALATING INSIDER THREATS USING VMWARE'S API
|
|
- Dulcie Sims
- 5 years ago
- Views:
Transcription
1 ESCALATING INSIDER THREATS USING VMWARE'S API Ofri Ziv, GuardiCore Escalating Insider Threats Using VMware s API Page 1
2 Who am I? VP Research at GuardiCore Head of GuardiCore Labs Security research Development of data analysis algorithms Msc in Computer Science Over 10 years of cyber security research experience Prior work: Bondnet, Infection Monkey Cloud & Data Center security company Escalating Insider Threats Using VMware s API Page 2
3 Agenda Overview of host-guest isolation model Use case (SOD) Attack Flow Demo Who is vulnerable? Mitigation Escalating Insider Threats Using VMware s API Page 3
4 Guest Machine From vsphere User to Guest Machine RCE Data Center Escalating Insider Threats Using VMware s API Page 4
5 Host-Guest Isolation Any virtualized data center needs to provide isolation between host and guest machines Separation of Duties Required by regulations Escalating Insider Threats Using VMware s API Page 5
6 Host-Guest Isolation Guest virtual machines should be isolated from the host and from other guests running on the same host. Interaction between the host and guests [ ] should occur only through channels with well-understood and documented security properties - VMware Escalating Insider Threats Using VMware s API Page 6
7 Isolation How To To use the VIX API for guest operation, applications must authenticate with two distinct security domains: 1. The client must first authenticate with the vsphere host. 2. The client must then supply a valid credential for the guest operating system on any virtual machine where it wants to perform guest operations - VMware Escalating Insider Threats Using VMware s API Page 7
8 A built-in functionality in vsphere breaks the host-guest security model Escalating Insider Threats Using VMware s API Page 8
9 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 9
10 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 10
11 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 11
12 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 12
13 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 13
14 Dr. Bob Xray expert Alice Infrastructure engineer Escalating Insider Threats Using VMware s API Page 14
15 DATA PLANE Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 15
16 DATA PLANE Guest Host Guest Dr. Bob Patients Data Host Guest Alice CONTROL PLANE Escalating Insider Threats Using VMware s API Page 16
17 data plane CRED CRED Dr. Bob User: Password:? Patients Data CRED CRED Alice host control plane Escalating Insider Threats Using VMware s API Page 17
18 An undocumented feature Undocumented authentication method Bypass guest authentication Leads to RCE on the guest machine Escalating Insider Threats Using VMware s API Page 18
19 Broken Host-Guest Isolation To user the VIX API for guest operation, applications must authenticate with two distinct security domains: 1. The client must first authenticate with the vsphere host. 2. The client must then supply a valid credential for the guest operation system on any virtual machine where it wants to perform guest operations.?? - VMware Escalating Insider Threats Using VMware s API Page 19
20 All your are belong to us Control the guest Arbitrary code execution File operations Registry operations Attack types Lateral Movement Access to isolated networks Data leakage / manipulation Ransomware Escalating Insider Threats Using VMware s API Page 20
21 Attack Flow Connect (host cred) Vix_OpenVm ( Patients Data ) Login InGuest (User=????, Password=????) Tools Patients Data User: Password:? Guest operating system management by VIX API CRED CRED authd VMX host Escalating Insider Threats Using VMware s API Page 21
22 Undocumented Authentication Method Escalating Insider Threats Using VMware s API Page 22
23 Attack Flow Connect (host cred) Vix_OpenVm ( Patients Data ) LoginInGuest(Shared Secret User, Shared Secret, options=4) Tools Patients Data VM conf file Shared Secret CRED CRED VMX Autd conf file SharedPolicyRefCount Escalating Insider Threats Using VMware s API Page 23
24 How to Set a Shared Secret Shared Secret Login vsphere API VirtualMachine\Config\AdvancedConfig privilege guest.commands.sharedsecretlogin.<username> = SHA256(SS).encode( base64 ) Escalating Insider Threats Using VMware s API Page 24
25 How to Set a Shared Secret Shared Secret Login vsphere API VirtualMachine\Config\AdvancedConfig privilege guest.commands.sharedsecretlogin.<username> = SHA256(SS).encode( base64 ) SharedPolicyRefCount Controls whether guest operations using shared secret are allowed vsphere API Host\Configuration\Advanced Settings privilege Escalating Insider Threats Using VMware s API Page 25
26 Attack Flow Connect (host cred) Vix_OpenVm ( Patients Data ) LoginInGuest(Shared Secret User, Shared Secret, options=4) RunProgramInGuest( /bin/sh ) Tools Patients Data CRED CRED VMX Autd Escalating Insider Threats Using VMware s API Page 26
27 Attack Flow Connect (host cred) Vix_OpenVm ( Patients Data ) LoginInGuest(Shared Secret User, Shared Secret, options=4) RunProgramInGuest( /bin/sh ) Tools Patients Data CRED CRED VMX Autd Escalating Insider Threats Using VMware s API Page 27
28 Attack Flow Connect (host cred) Vix_OpenVm ( Patients Data ) LoginInGuest(Shared Secret User, Shared Secret, options=4) RunProgramInGuest( /bin/sh ) Tools Patients Data CRED CRED VMX Autd Escalating Insider Threats Using VMware s API Page 28
29 Escalating Insider Threats Using VMware s API Page 29 Live DEMO!
30 When will the attack not work? requestflags Passed properly by VMX Shared secret auth is opted-out if code block exists Escalating Insider Threats Using VMware s API Page 30
31 Who is vulnerable? Guest machines running on ESXi 5.5 OR Guest machines running VMware Tools version < Latest upstream repository offers a vulnerable OVT Ubuntu Fedora 25 RHEL 7.2 Oracle Linux 7 (latest) Escalating Insider Threats Using VMware s API Page 31
32 Our Risk Assessment Tool Escalating Insider Threats Using VMware s API Page 32
33 Mitigation For ESXi 6.0 and 6.5 Option #1 Upgrade Vmtools Option #2 Opt-out by modifying vmtools configuration (for 9.9.0) Escalating Insider Threats Using VMware s API Page 33
34 Mitigation For ESXi 5.5 Fixed VMtools version Forked from latest open-vm-tools repository Source code - Binary Escalating Insider Threats Using VMware s API Page 34
35 Go Check your network Attack tool Risk assessment tool Fixed vmtools version Source: (twitter) Q&A Escalating Insider Threats Using VMware s API Page 35
Agenda 1 Types of VMware Tools 2 Status Display in vsphere 3 Lifecycle and Supported Guests 4 Standardization Approach 5 Keeping Tools Updated #SER195
SER1957BU Mastering the VMware Tools Lifecycle in Your vsphere Data Center Eric Gray #VMworld #SER1957BU Agenda 1 Types of VMware Tools 2 Status Display in vsphere 3 Lifecycle and Supported Guests 4 Standardization
More informationCounterACT Security Policy Templates
n Guide Version 18.0.1 Table of Contents About Security Policy Templates... 3 Tracking Vulnerable and Infected Endpoints... 3 Supported CounterACT Versions... 3 Requirements... 3 Installation... 4 n...
More informationHarbor Registry. VMware VMware Inc. All rights reserved.
Harbor Registry VMware 2017 VMware Inc. All rights reserved. VMware Harbor Registry Cloud Foundry Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image
More informationForeScout CounterACT. Security Policy Templates. Configuration Guide. Version
ForeScout CounterACT Security Policy Templates Version 18.0.1 Table of Contents About Security Policy Templates... 3 Tracking Vulnerable and Infected Endpoints... 3 Requirements... 3 Installation... 4
More informationQualys Cloud Platform (VM, PC) v8.x Release Notes
Qualys Cloud Platform (VM, PC) v8.x Release Notes Version 8.18.1 April 1, 2019 This new release of the Qualys Cloud Platform (VM, PC) includes improvements to Vulnerability Management and Policy Compliance.
More informationWeb App Testing: RECON. MAPPING. ANALYSIS.
www.pandoralabs.net Expert Advice. Experience Advantage. Proactive Security Solutions Through Cutting-Edge Research. Web App Testing: RECON. MAPPING. ANALYSIS. By @isaacsabas We are a Security-as-a-Service
More informationWHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX
WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model
More informationTable of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2
Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.
More informationExam Name: VMware Certified Professional on vsphere 5 (Private Beta)
Vendor: VMware Exam Code: VCP-511 Exam Name: VMware Certified Professional on vsphere 5 (Private Beta) Version: DEMO QUESTION 1 The VMware vcenter Server Appliance has been deployed using default settings.
More informationFeaturing. and. Göteborg. Ulf Larson Thursday, October 24, 13
Featuring and Göteborg OWASP top ten 2013 Based on risk data from eight firms that specialize in application security, This data spans over 500,000 vulnerabilities across hundreds of organizations and
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationVirtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC
Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /
More informationINSTALLATION GUIDE. Virtual Appliance for Inspector and Reporter 9/20/2018 1:32 PM
INSTALLATION GUIDE Virtual Appliance for Inspector and Reporter 9/20/2018 1:32 PM Network Detective Virtual Appliance for Inspector and Reporter Installation Guide Contents Purpose of this Guide 4 RapidFire
More informationTable of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine
Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of
More information4 Ways Your Organization Can Be Hacked
Behind the Scenes 4 Ways Your Organization Can Be Hacked Brian Johnson President, 7 Minute Security Jeff Melnick Netwrix, Systems Engineer Agenda Quick introductions The ways your organization can be hacked
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationSymantec and VMWare why 1+1 makes 3
Symantec and VMWare why 1+1 makes 3 Finn Henningsen Principal Systems Engineer Peter Schjøtt Principal Systems Engineer Rasmus Rask Eilersen Principal Systems Engineer Symantec and VMWare 1 Tak til vores
More informationUsing SANDeploy iscsi SAN for VMware ESX / ESXi Server
Using SANDeploy iscsi SAN for VMware ESX / ESXi Server Friday, October 8, 2010 www.sandeploy.com Copyright SANDeploy Limited 2008 2011. All right reserved. Table of Contents Preparing SANDeploy Storage...
More informationApplication Security Approach
Technical Approach Page 1 CONTENTS Section Page No. 1. Introduction 3 2. What is Application Security 7 3. Typical Approaches 9 4. Methodology 11 Page 2 1. INTRODUCTION Page 3 It is a Unsafe Cyber world..
More informationVMware Horizon Migration Tool User Guide
VMware Horizon Migration Tool User Guide Version 3.0.0 August 2017 VMware End User Computing 1/31 @2017 VMware, Inc. All rights reserved. @2017 VMware, Inc. All rights reserved. This product is protected
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationComputers Gone Rogue. Abusing Computer Accounts to Gain Control in an Active Directory Environment. Marina Simakov & Itai Grady
Computers Gone Rogue Abusing Computer Accounts to Gain Control in an Active Directory Environment Marina Simakov & Itai Grady Motivation Credentials are a high value target for attackers No need for 0-day
More informationCyberArk Privileged Threat Analytics
CyberArk Privileged Threat Analytics Table of Contents The New Security Battleground: Inside Your Network 3 Privileged account security 3 Collect the right data 4 Detect critical threats 5 Alert on critical
More informationSecuring ArcGIS for Server. David Cordes, Raj Padmanabhan
Securing ArcGIS for Server David Cordes, Raj Padmanabhan Agenda Security in the context of ArcGIS for Server User and Role Considerations Identity Stores Authentication Securing web services Protecting
More informationVirtual Appliance Installation Guide
Virtual Appliance Installation Guide 2017 RapidFire Tools, Inc. All rights reserved. V20171027 Ver 2M Contents Purpose of this Guide...3 System Requirements...3 Hyper-V installation System Requirements...3
More informationvrealize Infrastructure Navigator Installation and Configuration Guide
vrealize Infrastructure Navigator Installation and Configuration Guide vrealize Infrastructure Navigator 5.8.5 This document supports the version of each product listed and supports all subsequent versions
More informationTable of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates
Table of Contents Configure and Manage Logging in to the Management Portal Verify and Trust Certificates Configure System Settings Add Cloud Administrators Add Viewers, Developers, or DevOps Administrators
More informationAppDefense Plug-In. VMware AppDefense 2.0
VMware 2.0 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit your feedback to docfeedback@vmware.com
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationTenable.io for Thycotic
How-To Guide Tenable.io for Thycotic Introduction This document describes how to deploy Tenable.io for integration with Thycotic Secret Server. Please email any comments and suggestions to support@tenable.com.
More informationAWS Security. Staying on Top of the Cloud
AWS Security Staying on Top of the Cloud Intro Kurtis Miller, a Principal Security Consultant for Previously: Global Security Engineering Manager for Senior Security Consultant for First Security Engineer
More informationOutline: Securing The Cloud with VMWARE vsphere Code: ACBE GEN-VMSECURE_ONLINE. Days: 5. Course Description:
VMTRAINING Securing The Cloud with VMWARE vsphere Code: ACBE GEN-VMSECURE_ONLINE Days: 5 Course Description: This course is going to provide a solid understanding of the various components that make up
More informationAdvanced Vmware Security The Lastest Threats and Tools
Advanced Vmware Security The Lastest Threats and Tools Introduction Who is VMTraining VMWARE Security around VMware What are you in for? Hold On! Does ESX really have some major issues? Recent Cases involving
More informationTRAINING WEEK COURSE OUTLINE May RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I.
TRAINING WEEK COURSE OUTLINE May 9-13 2016 RADISSON HOTEL TRINIDAD Port of Spain, Trinidad, W.I. Page2 FACILITATOR S BIOGRAPHY John Tannahill, CA, CISM, CGEIT, CRISC is a management consultant specializing
More informationIntroduction to Virtualization
Introduction to Virtualization Module 2 You Are Here Course Introduction Introduction to Virtualization Creating Virtual Machines VMware vcenter Server Configuring and Managing Virtual Networks Configuring
More informationHypervisor security. Evgeny Yakovlev, DEFCON NN, 2017
Hypervisor security Evgeny Yakovlev, DEFCON NN, 2017 whoami Low-level development in C and C++ on x86 UEFI, virtualization, security Jetico, Kaspersky Lab QEMU/KVM developer at Virtuozzo 2 Agenda Why hypervisor
More informationArticle Summary of: Understanding Cloud Computing Vulnerabilities. Michael R. Eldridge
Article Summary of: Understanding Cloud Computing Vulnerabilities Michael R. Eldridge April 14, 2016 2 Introduction News stories abound about the almost daily occurrence of break-ins and the stealing of
More informationSecuring your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008
Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to
More informationASC Chairman. Best Practice In Data Security In The Cloud. Speaker Name Dr. Eng. Bahaa Hasan
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Best Practice In Data Security
More informationMurray Goldschmidt. Chief Operating Officer Sense of Security Pty Ltd. Micro Services, Containers and Serverless PaaS Web Apps? How safe are you?
Murray Goldschmidt Chief Operating Officer Sense of Security Pty Ltd Micro Services, Containers and Serverless PaaS Web Apps? How safe are you? A G E N D A 1 2 3 Serverless, Microservices and Container
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationRBS OpenEMR Multisite Setup Improper Access Restriction Remote Code Execution of 5
RBS-2017-001 OpenEMR Multisite Setup Improper Access Restriction Remote Code Execution 2018-03-22 1 of 5 Vendor / Product Information OpenEMR is a Free and Open Source electronic health records and medical
More informationVMware admins: Can your DR do this?
VMware admins: Can your DR do this? Veeam Backup & Replication v6 Rick Vanover vexpert, VCP, MCITP Product Strategy Specialist Twitter @RickVanover Administrative Points on this Webinar Technical content,
More informationMULTI FACTOR AUTHENTICATION USING THE NETOP PORTAL. 31 January 2017
MULTI FACTOR AUTHENTICATION USING THE NETOP PORTAL 31 January 2017 Contents 1 Introduction... 2 1.1 Prerequisite for configuring the multi-factor authentication:... 2 1.1.1 On the Guest side... 2 1.1.2
More informationTHE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS
SESSION ID: MBS-W04 THE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS Nadir Izrael CTO & Co-Founder Armis, Inc. Ben Seri Head of Research Armis, Inc. Placeholder Slide: Image of spread of infection Placeholder
More informationSecuring ArcGIS Services
Federal GIS Conference 2014 February 10 11, 2014 Washington DC Securing ArcGIS Services James Cardona Agenda Security in the context of ArcGIS for Server Background concepts Access Securing web services
More informationvsphere Security Update 2 Modified 04 OCT 2017 VMware vsphere 6.0 VMware ESXi 6.0 vcenter Server 6.0
Update 2 Modified 04 OCT 2017 VMware vsphere 6.0 VMware ESXi 6.0 vcenter Server 6.0 You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The VMware
More informationCompletely Uninstall Vmware Tools Linux Command Line
Completely Uninstall Vmware Tools Linux Command Line This article provides steps for manually removing VMware Workstation when the For more information, see Opening a command or shell prompt (1003892).
More informationThe 3 Pillars of SharePoint Security
The 3 Pillars of SharePoint Security Liam Cleary CEO/Owner SharePlicity Jeff Melnick Systems Engineer Netwrix Corporation AGENDA The Problem Attack Vectors Intranet, Extranet and Public Facing Proactive
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationVirtually Pwned Pentesting VMware. Claudio
Virtually Pwned Pentesting VMware Claudio Criscione @paradoxengine c.criscione@securenetwork.it /me Claudio Criscione The need for security Breaking virtualization means hacking the underlying layer accessing
More informationGEARS + CounterACT. Advanced Compliance Enforcement for Healthcare. December 16, Presented by:
Advanced Compliance Enforcement for Healthcare Presented by: December 16, 2014 Adam Winn GEARS Product Manager OPSWAT Kevin Mayer Product Manager ForeScout Agenda Challenges for the healthcare industry
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More informationSecurity Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis
Security Automation Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis Network Admission Control See Managed Unmanaged Computing
More informationPrivilege Escalation
Privilege Coleman Kane Coleman.Kane@ge.com February 9, 2015 Security Vulnerability Assessment Privilege 1 / 14 root, or Privilege or Elevation is the act of gaining access to resources which were intended
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationCompTIA Security+ Study Guide (SY0-501)
CompTIA Security+ Study Guide (SY0-501) Syllabus Session 1 At the end of this session, students will understand what risk is and the basics of what it means to have security in an organization. This includes
More informationVMware s (Open Source) Way of Container. Dr. Udo Seidel
VMware s (Open Source) Way of Container Dr. Udo Seidel Agenda Introduction The Big Picture Open Source Dimensions Summary Sneak Preview Lots of text/data No demo No I am not working for Vmware VMware competitor
More informationAll rights reserved. All trademarks are the property of their respective owners.
2017 5nine Software Inc. All rights reserved. All trademarks are the property of their respective owners. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval
More informationMcAfee Endpoint Threat Defense and Response Family
Defense and Family Detect zero-day malware, secure patient-zero, and combat advanced attacks The escalating sophistication of cyberthreats requires a new generation of protection for endpoints. Advancing
More informationNetwrix Auditor. Visibility platform for user behavior analysis and risk mitigation. Mason Takacs Systems Engineer
Netwrix Auditor Visibility platform for user behavior analysis and risk mitigation Mason Takacs Systems Engineer Agenda Product Overview Product Demonstration Q&A About Netwrix Auditor Netwrix Auditor
More informationLO2 Be able to design virtualisation deployments.
2015 2016 Phil Smith LO2 Be able to design virtualisation deployments. LO2 requirements 1. 2.1 complete a needs analysis for a virtualisation deployment. 2. 2.2 design a virtualisation solution for a given
More informationOverview of Web Application Security and Setup
Overview of Web Application Security and Setup Section Overview Where to get assistance Assignment #1 Infrastructure Setup Web Security Overview Web Application Evaluation & Testing Application Security
More informationHow to Put Your AF Server into a Container
How to Put Your AF Server into a Container Eugene Lee Technology Enablement Engineer 1 Technology Challenges 2 Cloud Native bring different expectations 3 We are becoming more impatient Deploy Code Release
More informationSecuring the Data Center against
Securing the Data Center against vulnerabilities & Data Protection Agenda Virtual Virtualization Technology How Virtualization affects the Datacenter Security Keys to a Secure Virtualized Deployment and
More informationSOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:
(Solutions Brief) An integrated cybersecurity Administration solution for securing any Large Enterprise. The Industry s most complete protection for the Large Enterprise and Cloud Deployments. KEY SERVICES:
More informationAttacking Next- Generation Firewalls
Attacking Next- Generation Firewalls Breaking PAN-OS Felix Wilhelm #whoami Security Researcher @ ERNW Research Application and Virtualization Security Recent Research Hypervisors (Xen) Security Appliances
More informationNetwrix Auditor. Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer
Netwrix Auditor Know Your Data. Protect What Matters. Roy Lopez Solutions Engineer Agenda Company overview Briefly about Netwrix Auditor Netwrix Auditor Data Discovery and Classification Edition Product
More informationSAP Security. BIZEC APP/11 Version 2.0 BIZEC TEC/11 Version 2.0
Welcome BIZEC Roundtable @ IT Defense, Berlin SAP Security BIZEC APP/11 Version 2.0 BIZEC TEC/11 Version 2.0 February 1, 2013 Andreas Wiegenstein CTO, Virtual Forge 2 SAP Security SAP security is a complex
More informationCloud Under Control. HyTrust Two-Man Rule Solution Brief
HyTrust Two-Man Rule Solution Brief Summary Summary The exposure of extremely confidential national security information by an N.S.A. systems administrator highlighted the catastrophic consequences of
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationForeScout Extended Module for Qualys VM
ForeScout Extended Module for Qualys VM Version 1.2.1 Table of Contents About the Qualys VM Integration... 3 Additional Qualys VM Documentation... 3 About This Module... 3 Components... 4 Considerations...
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationiscsi Target Usage Guide December 15, 2017
December 15, 2017 1 Table of Contents 1. Native VMware Availability Options for vsan 1.1.Native VMware Availability Options for vsan 1.2.Application Clustering Solutions 1.3.Third party solutions 2. Security
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationRSA DISTRIBUTED CREDENTIAL PROTECTION
RSA DISTRIBUTED CREDENTIAL PROTECTION There is a security weakness lurking in many of today s best designed systems a primary point of compromise. Think about your own IT operations. Chances are that by
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationDisclaimer CONFIDENTIAL 2
Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally
More informationCNA1699BU Running Docker on your Existing Infrastructure with vsphere Integrated Containers Martijn Baecke Patrick Daigle VMworld 2017 Content: Not fo
CNA1699BU Running Docker on your Existing Infrastructure with vsphere Integrated Containers VMworld 2017 Content: Not for publication #VMworld #CNA1699BU CNA1699BU Running Docker on your Existing Infrastructure
More informationWhen dynamic VM migration falls under the control of VM user
When dynamic VM migration falls under the control of VM user Kahina LAZRI, Sylvie LANIEPCE, Haiming ZHENG IMT/OLPS/ASE/SEC/NPS Orange Labs, Caen Jalel Ben-Othman L2TI laboratory Paris13 Symposium sur la
More informationn Explain penetration testing concepts n Explain vulnerability scanning concepts n Reconnaissance is the first step of performing a pen test
Chapter Objectives n Explain penetration testing concepts n Explain vulnerability scanning concepts Chapter #4: Threats, Attacks, and Vulnerabilities Vulnerability Scanning and Penetration Testing 2 Penetration
More informationRonny L. Bull & Dr. Jeanna Matthews. DerbyCon 4.0. Sept 27th, 2014
Layer 2 Network Security in Virtualized Environments Ronny L. Bull & Dr. Jeanna Matthews DerbyCon 4.0 Sept 27th, 2014 The Researchers Ronny Bull Computer Science Ph.D. Graduate Student at Clarkson University
More informationEV CHARGING: MAPPING OUT THE CYBER SECURITY THREATS AND SOLUTIONS FOR GRIDS AND CHARGING INFRASTRUCTURE
EV CHARGING: MAPPING OUT THE CYBER SECURITY THREATS AND SOLUTIONS FOR GRIDS AND CHARGING INFRASTRUCTURE UtiliNet Europe Cyber Security Workshop Brussels, Belgium Dr. Christian Hille Dr. Manuel Allhoff
More informationAppDefense Getting Started. VMware AppDefense
AppDefense Getting Started VMware AppDefense You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit
More informationCSC 5930/9010 Offensive Security: Lateral Movement
CSC 5930/9010 Offensive Security: Lateral Movement Professor Henry Carter Spring 2019 Recap Symmetric vs. Asymmetric encryption techniques Authentication protocols require proving possession of a secret:
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationCopyright 2015 EMC Corporation. All rights reserved. Published in the USA.
This Reference Architecture Guide describes, in summary, a solution that enables IT organizations to quickly and effectively provision and manage Oracle Database as a Service (DBaaS) on Federation Enterprise
More informationSite Recovery Manager Security
Site Recovery Manager 6.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationPass-the-Hash Attacks
Pass-the-Hash Attacks Mgr. Michael Grafnetter www.dsinternals.com Agenda PtH Attack Anatomy Mitigation Proactive Reactive Windows 10 + Windows Server 2016 Microsoft Advanced Threat Analytics PtH Attack
More informationForeScout CounterACT. Configuration Guide. Version 1.1
ForeScout CounterACT Hybrid Cloud Module: VMware NSX Plugin Version 1.1 Table of Contents About VMware NSX Integration... 3 Use Cases... 3 Additional VMware Documentation... 3 About this Plugin... 3 Dependency
More informationMCAFEE FOUNDSTONE FSL UPDATE
2017-JUL-03 FSL version 7.5.940 MCAFEE FOUNDSTONE FSL UPDATE To better protect your environment McAfee has created this FSL check update for the Foundstone Product Suite. The following is a detailed summary
More informationUnderstanding the Changing Cybersecurity Problem
Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and
More informationVMworld 2017 Content: Not for publication #CNA1699BE CONFIDENTIAL 2
CNA1699BE Running Docker on your Existing Infrastructure with vsphere Integrated Containers VMworld 2017 Content: Not for publication Martijn Baecke, Robbie Jerrom #vmworld #CNA1699BE VMworld 2017 Robbie
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationFAQ FOR VMWARE SERVER 2 - AUGUST, 2008
FAQ FOR VMWARE SERVER 2 - AUGUST, 2008 What is VMware Server? VMware Server is a free, easy-to-use Windows and Linux application that provides a superior introductory experience to server virtualization
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationAutomated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend
SAI3314BES Automated Security for the Real-time Enterprise with VMware NSX and Trend Micro Deep Security Chris Van Den Abbeele, Global Solution Architect, Trend Micro #VMworld #SAI3314BES Automated Security
More information