Clik here to view.
State of Virtualization Security ‘14
First of all, I hope you all had a good start to 2014. Having some time off “between the years” (which is a German saying for the time between Christmas and NYE), I caught up on several virtualization...
View ArticleClik here to view.
Exploiting Hyper-V: How We Discovered MS13-092
During a recent research project we performed an in-depth security assessment of Microsoft’s virtualization technologies, including Hyper-V and Azure. While we already had experience in discovering...
View ArticleClik here to view.
Cisco Cloud Services Router 1000V and the Virtual Matryoshka
Recently we started playing around with Cisco’s virtual router, the CSR 1000V, while doing some protocol analysis. We found Cisco offering an BIN file for download (alternatively there is an ISO file...
View ArticleIPv6 Requirements for Cloud Service Providers
Some weeks ago, at RIPE 68 in Warsaw, Sander Steffann gave a presentation about revising RIPE 554 which, in his own words, “is a template guideline for procurement of stuff that should do IPv6” (here’s...
View ArticleCloud Security & Trust
Hi, I gave a presentation on Cloud Security, Compliance & Trust the other day. The basic message was to look beyond the Cloud buzzword and see the actual technologies which are used, understand...
View ArticleA Trip to Hannover Messe
Once every few years I decide to head to Hannover and attend Hannover Messe, probably the largest industrial trade fair in Germany and apparently on of the most important in the world. As this year’s...
View ArticleSIGS DC Day
Today I had to give the pleasure to give a keynote at the SIGS DC Day on the need to evaluate Cloud Service Providers in a way that looks behind (or at least tries to) security whitepapers and...
View ArticleCSA Summit CEE and BSides Ljubljana 2017
At the end of last week I had the pleasure to visit the CSA Summit CEE and the Bsides Event in Ljubljana. At CSA, I was talking about hypervisors, breakouts and an overview of security measures to...
View ArticleAuditing AWS Environments
Introduction Related to our new TROOPERS workshop “Jump-Starting Public Cloud Security”, this post is going to describe some relevant components which need to be taken care of when constructing and...
View Article#TR18 Defense & Management Summaries
This blogpost contains summaries of talks from this year’s TROOPERS18 Defense & Management Track. All Your Cloud Are Belong to Us The talk “All Your Cloud Belong Are Belong to Us” was held by Nate...
View Article
