vSphere Security Shield

Creating an Asset Inventory for vSphere Infrastructure

posted

We often talk about how the two biggest ways to stay secure in IT are regular patching and good account & password hygiene. However, there is a big prerequisite to both of these, one that is almost always overlooked: an asset inventory. Without a comprehensive inventory of what devices, virtual machines, and OSes are your Read more...
VMware vSphere Encryption Icon

vSphere Tweet Chat Recap: National Cybersecurity Awareness Month

posted

Did you know that October is National Cybersecurity Awareness Month? To ensure VMware users are equipped with the knowledge to stay secure all 365, the vSphere team hosted a tweet chat featuring our experts. From the team we have, Mike Foley and Bob Plankers, who are both Technical Marketing Architects for vSphere Security who joined Read more...
vSphere Security Shield

vmx.reboot.PowerCycle Makes CPU Vulnerability Remediation Easy

posted

Update (10/22/2019): This feature has shipped in vSphere 6.0 P08 and 6.7U3, but has not yet shipped as part of a 6.5 patch or update release. Our apologies, and I will update this when it ships. Thank you! -Bob The biggest issue with remediating CPU vulnerabilities in a virtual environment is that, in most cases, Read more...
vSphere Security Shield

National Cybersecurity Awareness Month 2019

posted

It’s October so in the US it’s officially National Cybersecurity Awareness Month. As the US CERT website states, “National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more Read more...
vSphere Security Shield

Microsoft Windows Server 2019 STIG & VMware vSphere

posted

Many of our security-conscious readers are familiar with DISA STIGs, the Security Technical Information Guides that the US Defense Information Systems Agency (DISA) publishes. These guides are wonderful in that they bridge the gap between compliance frameworks and infrastructure implementations. Compliance frameworks rarely specify what to do on & to an operating system to be Read more...
vSphere Security Shield

Security is a Team Sport

posted

There’s a growing idea in the greater VMware community that the role of the Virtualization Infrastructure Administrator (VI Admin) is changing. If you’ve been to a VMware User Group conference recently you will have seen & heard talks on this, how VI Admins are being asked to do new things and being offered opportunities outside of Read more...
vSphere Security Shield

vSphere Security at Security Field Day 2

posted

VMware was proud to continue our decade-long relationship with Tech Field Day by hosting the delegates of Security Field Day 2 (#XFD2) on June 20, 2019, sharing with them both the overall strategy for security in VMware products as well as very specific technical discussions around vSphere, vSphere Platinum, VMware AppDefense, and VMware WorkspaceOne. There Read more...
vSphere Security Shield

vSphere Compliance: Common Criteria, NIST 800-53, and DISA STIG

posted

Security is a hot topic everywhere in IT, but right behind it is its cousin, compliance. VMware vSphere is a great platform for organizations that have regulatory compliance needs. Hundreds of time-saving, easy-to-use, and flexible features in vSphere align closely with compliance frameworks, and VMware provides guidance on how to configure these features to meet Read more...
VMware Tools

Security Issue with VMware Tools: VMSA-2019-0009

posted

Vulnerability Summary Customers should be aware of an important issue with VMware Tools where a non-privileged user on a Windows VM could read information or cause problems in a VM running VMware Tools lower than 10.3.10. The official designation from VMware is VMSA-2019-0009 on the VMware Security Advisories page and mailing list. This vulnerability is Read more...