Archive for category cloud security and compliance

VMware Hardened Virtual Appliance Operations Guide

VMware recently released the Hardened Virtual Appliance Operations Guide. This whitepaper was written to assist with the additional components that an administrator may choose to implement on the hardened virtual appliances. You see VMware created a hardened virtual appliance “by embedding the technical requirements of the STIG in the design”. What the heck am I […]

Leave a comment

November’s Important VMware Security Links

Needless to say, my life has been crazy since joining VMware. My ability to update this site has been falling behind as I work on some amazing projects. I even took over the VMware Public Sector Blog.What I noticed today when I updated the Public Sector site because of a tweet I sent out, was […]

Leave a comment

PCI DSS and VMware

As much as I try to keep Security and Compliance separate because as you know, security and compliance are two totally different things, there are exceptions. You also know, compliance can sometimes help with regard to security. The number one standard where this is true is Payment Card Industry Data Security Standards or also known […]

Leave a comment

Security vs. Compliance

As a security evangelist, I talk security… but let me be clearer, I don’t talk compliance. Ok, so maybe I talk about compliance as well but one thing that I always stress is that security and compliance are not the same thing. Not even close. Compliance is a check box mentality. Well, to be specific… […]

Leave a comment

Why did they hack that site?… LivingSocial

According to LivingSocial, they were hacked a couple of weeks ago. Let me repeat that a site that sells deals to consumers… all kinds of deals from different merchants to different types of customers was hacked. You can shop for clothes, vacations, hair cuts, activities, just about anything. And they were hacked! I sent out […]

Leave a comment

VMworld 2013 – Voting and HoL

This will be my first year at VMworld as a VMworld employee. I am excited about the experience and wondering if it will feel any different. Technically I will be at VMworld because of the Hands on Labs. I through my hat into the ring because that’s just what I do. Right now it looks […]

Leave a comment

NIST Interagency Report 7904 – Trusted Geolocation in the Cloud

I can’t tell you how excited I am that my name is on this NIST document. I was working with my wonderful friend Tarik without knowing that this is what it would turn in to. Now let’s talk about it… The abstract for the document : This publication explains selected security challenges involving Infrastructure as a […]

Leave a comment

Security vSpecialist June 2012 Newsletter

Within the larger EMC vSpecialist team we have individual focus groups. The focus group that I am a part of is the security focus group. Shocking I know. Each month we try to get out a newsletter that gets sent to all vSpecialists. This newsletter identifies key events that have happened in the news, important […]

Leave a comment

FedRAMP : Cloud Controls to Manage Risk

Just like I did for FISMA, I wanted to review the Federal Risk and Authorization Management Program Security Controls (FedRAMP) current release and provide you with my view of it. They indicate the purpose of the document is to “list the security controls and corresponding enhancements that Federal Agencies and Cloud Service Providers (CSP) must […]

Leave a comment

Intel TXT Capabilities – I’m Loving It

Recently EMC and Intel paired up on a webcast to talk about the relationship between the two companies… they provided a new proof of concept. As much as I love this relationship and enjoyed the presentation ( I have included them below ), the capability that I am most interested in is the Intel Trusted […]

, , , ,

3 Comments

Follow

Get every new post delivered to your Inbox.