Software is usually affected by some kinds of security vulnerabilities. Vulnerabilities can be classified into several types, in order to ease their impact analysis, providing a common thought framework. Virtualization products aim to allow users to abstract the physical hardware details and provide them with means to install multiple virtual machines. Some virtualization users often tend to forget or ignore that this additional software layer exposes them to additional attack vectors and potential vulnerabilities. In this paper, we analyze the known vulnerabilities for VMware, a well known virtualization product.
Containers seem like an interesting technology for many virtualization and cloud scenarios, specially for hosting providers looking to support more virtual machines or service instances in a physical host.
Check this video for an overview: “Containers and the Cloud: Do You Need Another Virtual Environment? – James Bottomley, Parallels”