Security analyst's cookbook for virtual computing

Defend your virtual environment from attacks Your virtual environment might be a prime target for hackers and attackers who want to steal data or exploit your resources.

This book arms you with the knowledge and tools to safeguard your virtual and cloud environments against external and internal threats.

You′ll gain insight into how to avoid denial of service, log and audit activity, protect virtual networks from eavesdroppers, and harden virtual servers.

If your job involves protecting assets in virtual and cloud environments, this book will be invaluable to you.

Perform vulnerability assessments of your virtual environment to uncover security weaknesses Learn how attacks in a virtual model differ from traditional computing models and how to best use technology and processes to defend yourself Learn how attackers use and abuse APIs to manipulate and gain entry to virtual environments Understand the risks of Software as a Service and how to get the protection you must have Be ready for audits by ensuring that your virtual and cloud environments comply with standards and regulations such as PCI DSS and ISO 27001 Build your own low–budget virtualized test lab for hands–on evaluation of attacks and to practice prevention and response ON THE DVD Use the files on the DVD to follow along with the hands–on examples, or use them as the basis for your own code.

Using the code and the book, you can Conduct a "hypervisor escape", breaking out of a virtual machine into the host system Load the included, ready–made penetration testing virtual machine—which is preloaded with tools such as nmap, ettercap, the Open VAS vulnerability scanner, and more—directly into your virtual environment Test the security posture of your Xen or VMware environment using automated scripts that peek at virtual disks and copy or modify virtual machines See the code used for hands–on exercises in the book that audit or attack virtual environments