Author Description

A Step-by-step Guide To Identifying And Defending Against Attacks On The Virtual Environment As More And More Data Is Moved Into Virtual Environments The Need To Secure Them Becomes Increasingly Important. Useful For Service Providers As Well As Enterprise And Small Business It Professionals The Book Offers A Broad Look Across Virtualization Used In Various Industries As Well As A Narrow View Of Vulnerabilities Unique To Virtual Environments. A Companion Dvd Is Included With Recipes And Testing Scripts. Examines The Difference In A Virtual Model Versus Traditional Computing Securing The Virtual Environment; Contents; Introduction; Chapter 1 Virtualized Environment Attacks; A Brief Introduction To The Cloud; Flavors Of Cloud; Powering The Cloud; Why The Cloud Is Here To Stay; Managing Cloud Security; Principles Of Information Security; Information Assets; Potential Threats; Potential Vulnerabilities; Potential Consequences; Incremental Risk Mitigation; Deny By Default; Never Trust Input; Assume The Worst; Confidentiality, Integrity, And Availability; The Human Factor; Managing Cloud Risks; Asset Management; Vulnerability Assessment; Communication Authentication And Authorizationsoftware; Managing Cloud Compliance; Defining Compliance And Security; Making Use Of Warnings; Cloud And The Pki; Summary; Chapter 2 Attacking From The Outside; Who Is An Outsider?; Hr Policies And Procedures; Contracting And Outsourcing Talent; Friends And Family Discount; Configuring Cloud Audit Logs; Keeping Tabs On Accounts; Extending And Trusting Communication; Delegating And Spreading Roles In Order To Scale; Novice Users Empowered By Cloud Environments; Outsourced And Offshored Resources; Saas Software Development At Cloud Speed The Needs Of Bespoke Solutionsensuring Continuity; Underspecialization; How To Piggyback On Fixes; Sudo And Shell Logging; Spoofing A Certificate; Summary; Chapter 3 Making The Complex Simple; Looking Around Without Getting Caught; Checking To See If Anyone Is W