Hi [[ session.user.profile.firstName ]]

Don't Bloat The Hypervisor! What to Know About Introspection

"Don't bloat the hypervisor" is the rallying cry for some security professionals worried about system virtualization security. Worried that access to APIs for security needs could end up making the same mistake with hypervisors that was made earlier with operating systems - bloat. A
"Don't bloat the hypervisor" is the rallying cry for some security professionals worried about system virtualization security. Worried that access to APIs for security needs could end up making the same mistake with hypervisors that was made earlier with operating systems - bloat. And the larger a system is, whether it is the code base for a hypervisor or an operating system, the more difficult it is to secure. Other security professionals say that the lack of security capabilities inherent in hypervisors limits necessary tasks, such as forensics. This group argues that introspection capabilities are critical for actually securing virtualization.

This presentation will examine both sides of the introspection debate, and what the possible implications of it are for information security practitioners trying to secure virtualized environments.
Recorded Feb 23 2011
33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
Presentation preview: Don't Bloat The Hypervisor!  What to Know About Introspection
Recommended for you:
  • Date
  • Rating
  • Views
  • Methods and Tools for Detecting Advanced, Targeted Cyber Threats Methods and Tools for Detecting Advanced, Targeted Cyber Threats Moderator: Stephen Pritchard - Speakers: Oren Aspir, Laurance Dine & John Pironti Live 75 mins
    According to research institutes, 70-90% of malwares found in breach investigations are unique to that organization – meaning there is no chance of detecting them with traditional security measures. As advanced threats become more and more quite, sophisticated and stealthy – detection and analysis methods need to be adapted accordingly. Using behavioral analysis, machine learning, and progressive visualization tools allows organizations to better detect, analyze and respond to threats.

    In this webinar Mr. Oren Aspir, CTO at CYBERBIT Ltd. will review advanced threats stealth mechanisms and the methods to detect them – with focus on optimizing analysis processes and minimizing time intervals.

    Key Takeaways:
    • Advanced threats stealth and persistency mechanisms
    • Methods to minimize detection and analysis timeframes when confronting advanced and targeted threats
    • What tools can be used to facilitate detection and response for advanced threats
  • Outthink Mobile Malware: Learn how to protect your mobile devices Outthink Mobile Malware: Learn how to protect your mobile devices Adrian Davis, MD (ISC)² EMEA, Kaushik Srinivas, Strategy & Product Management for IBM Security Recorded: May 31 2016 61 mins
    The popularity of the smartphone and the bring your own device (BYOD) phenomena has given way to a new era in cybercrime – the era of mobile in which cybercriminals increasingly target phones and tablets as an attack vector. In fact, at any given time, mobile malware is infecting millions and millions of mobile devices globally, enabling criminals to get their hands on your personal information and money.
    2015 was witness to the largest and most notorious mobile malware attacks in history. Considering that the number of smartphone users worldwide will surpass 2 billion in 2016 (emarketer), mobile app downloads will have increased to 268 billion (Gartner) by 2017, and that most companies have dedicated very little resources towards mobile application security, the industry is ripe for even bigger malicious attacks. Mobile malware will continue to grow, being destructive and costly to corporations and users.
    Join (ISC)² EMEA and IBM as we demonstrate the effects of mobile malware and how to arm organisations to protect themselves against this growing concern.
  • SOC Aufbau und Optimierung – Make or Buy? SOC Aufbau und Optimierung – Make or Buy? Sven Schriewer, Director, FireEye as a Service, FireEye Recorded: May 31 2016 32 mins
    Ein Security Operations Center (SOC) soll aufgebaut oder erweitert werden. Jede derartige Investition erfordert eine Make-or-Buy Entscheidung.

    In diesem Vortrag erläutern wir zunächst, welche Funktionen ein SOC erfüllen sollte und mit welchen Kosten zur Erfüllung der Anforderung zu rechnen sind. Dann gehen wir auf die Herausforderung ein, Mitarbeiter für das SOC zu rekrutieren. Wir zeigen auf, welche quantitativen und qualitativen Kriterien für eine Make-or-Buy Entscheidung speziell bzgl. eines SOC relevant sind.
  • Neue Betrügerische „Hochstapler-Emails“ - Geschäftsführung als Angriffsvektor Neue Betrügerische „Hochstapler-Emails“ - Geschäftsführung als Angriffsvektor Marc Lindenblatt, Presales Engineer Proofpoint Recorded: May 31 2016 40 mins
    Proofpoint stellt neue dynamische Sicherheitslösung gegen betrügerische Emails vor

    Erfahren Sie in unserem Live-Webcast am 31. Mai, mehr über die Motivation und Folgen betrügerischer E-Mails und wie Proofpoint Unternehmen hilft, betrügerische E-Mails automatisch zu erkennen und vor Cyber-Kriminellen geschützt zu bleiben.
    Betrügerische E-Mails sind aufwendig erstellte Anfragen, die vorgeben von der obersten Führungsebene zu kommen und im letzten Jahr um mehr als 270 Prozent zugenommen haben. Die betrügerische E-Mail ist eine Bedrohung, die Mitarbeiter dazu verleiten soll, Gelder oder persönliche Informationen an Cyber-Kriminelle zu senden. Sicherheits-Tool werden sie nicht alarmieren. Es gibt keinen Erpresserbrief. Ihre Systeme laufen weiter und alles scheint wie immer. Das genau ist der Punkt.

    Erfahren Sie in dem Webcast
    • Wie diese betrügerischen Emails aussehen und warum sie so „gut“ funktionieren
    • Welche Auswirkungen diese betrügerische Emails auf die Security-Landschaft haben
    • Warum dynamische Analysen helfen, Unternehmen und deren Mitarbeiter zu schützen
  • Assumption of Attack Webinars series #4: Hybrid Cloud Security (Francais) Assumption of Attack Webinars series #4: Hybrid Cloud Security (Francais) Amine Belaouedj, EMEA Sr Sales engineer at Trend Micro Recorded: May 30 2016 30 mins
    Le 18 février, nous avons lancé notre série de webinaires intitulée « Assumption of Attack » illustrant la protection exhaustive et avancée qu'offre notre suite logicielle Smart Protection Suite, une solution particulièrement efficace face aux cybercriminels.

    Le cinquième épisode de notre série de webinaires portera sur la sécurité du Cloud hybride.

    Que vous souhaitiez mettre l'accent sur la sécurité des environnements physiques, virtuels ou cloud, vous découvrirez comment protéger vos données et éviter les interruptions d'activité tout en vous conformant aux réglementations.
  • Assumption of Attack Webinars series #6: Web and Collaboration (English) Assumption of Attack Webinars series #6: Web and Collaboration (English) David Byrne, Senior Sales Engineer, Trend Micro. Recorded: May 30 2016 18 mins
    You should assume that during 2016 your data will be subject to an attack from Cyber Criminals. Therefore you need to ask yourself… Where are you most vulnerable? What door has been left open?

    Our final webinar will look behind Door 6, Web and Collaboration. How can you secure real-time collaboration and inappropriate content from impacting your business?
  • Assumption of Attack Webinars series #6: Web and Collaboration (Spanish) Assumption of Attack Webinars series #6: Web and Collaboration (Spanish) Antoine Mahuzier, Senior Sales Engineer, Trend Micro. Recorded: May 30 2016 14 mins
    Este es el último seminario de nuestra serie de seminarios Web titulados “Assumption of Attack” que lanzamos el 18 de febrero para demostrar cómo nuestra solución líder de mercado Smart Protection Suite proporciona una protección multicapa para su empresa.

    Nuestro sexto y último seminario Web abrirá la puerta n.º 6 para hablar de la "Web y la colaboración". ¿Cómo puede lograr una colaboración en tiempo real segura y evitar a la vez que el contenido inapropiado tenga un impacto negativo en su negocio?
  • Cloud on your terms: make the most of your infrastructure investments Cloud on your terms: make the most of your infrastructure investments Tyler Cooper Technology Architect; Albert Wolchesky Senior Technology Architect, Microsoft Corporation Recorded: May 27 2016 32 mins
    Why choose between your datacenter and the cloud? A hybrid cloud solution gives you both.

    You have already invested in server products that are on premises. You believe that Cloud is the future and the power of the Cloud can open up countless opportunities for people to do more and achieve more. But how can you leverage the Cloud given your current infrastructure?

    Join this webcast to learn Hybrid Cloud options as well as how to extract value from your existing investments by:

    - Expanding your options without adding complexity
    - Easily moving workloads from your datacenter
    - Building hybrid applications that leverage both on-premises and cloud resources
    - Taking advantage of storage, backup, and recovery options with increased efficiency and reduced cost.
  • The Four Biggest Blind Spots to Network Protection The Four Biggest Blind Spots to Network Protection Julian Matossian, Senior Product Manager, and Nick Kelly, Director of Product Marketing Recorded: May 26 2016 44 mins
    If you can’t see what’s on your network, then you can’t control it.

    As new technologies emerge each day, so do the associated security threats - are you confident that you can see them before they wreak havoc on your network? 86% of executives aren’t, believing there are gaps in their ability to see what’s really going on inside their network.

    Join Julian Matossian, Senior Product Manager, and Nick Kelly, Director of Product Marketing, as they delve into the current state of network visibility: the challenges, blind spots, and most importantly, the solutions to help illuminate your network.

    Having the right security measures in place is only half the battle – you need to know exactly what they’re protecting you from.
  • Cyber Lay Of The Land: What The Numbers Tell Us Cyber Lay Of The Land: What The Numbers Tell Us Jay Jacobs, Aloysius Tan, Chad Hemenway Recorded: May 26 2016 61 mins
    What were the overall trends in cyber breaches, and what does this mean for organizations and the third party vendors with whom they work?

    In this webinar, Advisen, an insurance analytics firm, will analyze cyber breaches and identify ebbs and flows throughout 2015 and into 2016. Panelists will then take the unprecedented step of correlating the data Advisen and Bitsight possess to take an even deeper dive to find possible threats to an organization’s cybersecurity — giving all stakeholders greater visibility into the cyber posture of organizations as well as their third party vendors.

    Panelists

    Jay Jacobs, Senior Data Scientist, BitSight
    Aloysius Tan, Product Manager, Advisen
    Chad Hemenway, Managing Editor, Advisen (moderator)

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Don't Bloat The Hypervisor! What to Know About Introspection
  • Live at: Feb 23 2011 5:00 pm
  • Presented by: Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
  • From:
Your email has been sent.
or close
You must be logged in to email this