Securing the Virtual Environment and over one million other books are available for Amazon Kindle. Learn more
Qty:1
  • List Price: $49.99
  • Save: $13.31 (27%)
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Securing the Virtual Envi... has been added to your Cart
Condition: Used: Like New
Comment: Nice Clean Copy. Appears Never Used. Sealed CD.
Access codes and supplements are not guaranteed with used items.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Securing the Virtual Environment, Included DVD: How to Defend the Enterprise Against Attack Paperback – May 8, 2012

ISBN-13: 978-1118155486 ISBN-10: 1118155483 Edition: 1st

Buy New
Price: $36.68
28 New from $9.98 26 Used from $4.25
Amazon Price New from Used from
Kindle
"Please retry"
Paperback
"Please retry"
$36.68
$9.98 $4.25
Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Hero Quick Promo
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now
$36.68 FREE Shipping. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Securing the Virtual Environment, Included DVD: How to Defend the Enterprise Against Attack + Virtualization Security: Protecting Virtualized Environments + Securing the Cloud: Cloud Computer Security Techniques and Tactics
Price for all three: $120.27

Buy the selected items together
NO_CONTENT_IN_FEATURE

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 456 pages
  • Publisher: Wiley; 1 edition (May 8, 2012)
  • Language: English
  • ISBN-10: 1118155483
  • ISBN-13: 978-1118155486
  • Product Dimensions: 7.4 x 1 x 9.3 inches
  • Shipping Weight: 1.6 pounds (View shipping rates and policies)
  • Average Customer Review: 4.8 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Best Sellers Rank: #920,121 in Books (See Top 100 in Books)

Editorial Reviews

Review

Anyone who is serious about virtualization security should certainly make sure that Securing the Virtual Environment: How to Defend the Enterprise Against Attack is on their reading list, and that of every security administrator in their company. (RSA Conference, 7th May)

From the Back Cover

Defend your virtual environment from attacks

Your virtual environment might be a prime target for hackers and attackers who want to steal data or exploit your resources. This book arms you with the knowledge and tools to safeguard your virtual and cloud environments against external and internal threats. You'll gain insight into how to avoid denial of service, log and audit activity, protect virtual networks from eavesdroppers, and harden virtual servers. If your job involves protecting assets in virtual and cloud environments, this book will be invaluable to you.

  • Perform vulnerability assessments of your virtual environment to uncover security weaknesses

  • Learn how attacks in a virtual model differ from traditional computing models and how to best use technology and processes to defend yourself

  • Learn how attackers use and abuse APIs to manipulate and gain entry to virtual environments

  • Understand the risks of Software as a Service and how to get the protection you must have

  • Be ready for audits by ensuring that your virtual and cloud environments comply with standards and regulations such as PCI DSS and ISO 27001

  • Build your own low-budget virtualized test lab for hands-on evaluation of attacks and to practice prevention and response

ON THE DVD

Use the files on the DVD to follow along with the hands-on examples, or use them as the basis for your own code. Using the code and the book, you can

  • Conduct a "hypervisor escape", breaking out of a virtual machine into the host system

  • Load the included, ready-made penetration testing virtual machine—which is preloaded with tools such as nmap, ettercap, the Open VAS vulnerability scanner, and more—directly into your virtual environment

  • Test the security posture of your Xen or VMware environment using automated scripts that peek at virtual disks and copy or modify virtual machines

  • See the code used for hands-on exercises in the book that audit or attack virtual environments

Customer Reviews

4.8 out of 5 stars
5 star
75%
4 star
25%
3 star
0%
2 star
0%
1 star
0%
See all 4 customer reviews
Share your thoughts with other customers

Most Helpful Customer Reviews

8 of 8 people found the following review helpful By Ben Rothke on May 7, 2012
Format: Paperback
One of the selling points around virtualization is about its perceived added level of security. But virtualization, like any other piece of software can be implemented incorrectly, and itself have flaws.

Last year, NIST came out with SP 800-125, Guide to Security for Full Virtualization Technologies. The guide is intended for system administrators, security program managers, security engineers and anyone else involved in designing, deploying or maintaining full virtualization technologies.

NIST SP 800-125 recommends organizations do the following:
* secure all elements of a full virtualization solution and maintain their security
* restrict and protect administrator access to the virtualization solution
* ensure that the hypervisor, the central program that runs the virtual environment, is properly secured
* carefully plan the security for a full virtualization solution before installing, configuring and deploying it

All good items to do; but at 25 pages, SP 800-125 is clearly inadequate to cover all of the details around how to securely use virtualization. With that, Securing the Virtual Environment: How to Defend the Enterprise Against Attack, by Davi Ottenheimer and Matthew Wallace is a great new book that that provides a comprehensive overview on how to secure systems and defend against attacks on virtualized environments.

The book takes a very strong approach that in order to secure virtualization effectively, one needs to understand how adversaries will attack a virtualized environment. The authors provide numerous details on how to precisely do that.

The book is a highly technical guide meant for those designing, deploying and administering virtualized systems.
Read more ›
1 Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 4 people found the following review helpful By David Shackleford on July 1, 2012
Format: Paperback
I have been meaning to get to this review for a while, as I have had the book since it came out. In a nutshell, Davi and Matthew have done a fantastic job outlining general premises of virtsec, as well as detailed attack methods and examples for all aspects of a typical virtual environment. My general notes on each chapter are as follows:

1. "Virtualized Environment Attacks" - this chapter lays out a lot of terminology and general theory on virtualization and why it's vulnerable technology. This book is really geared towards a security audience, so I found a lot of the infosec basics in this chapter unnecessary, but I see why they're there.

2. "Attacking from the Outside" - this chapter breaks down the differences between outside and internal attacks, and show why and how roles and privileges play a big role in the security ecosystem, especially around virtualization. Great discussion and examples on some basic technology issues, like reliance on certificates and automated patching.

3. "Making the Complex Simple" - Really cool chapter on enumeration of virt and cloud systems and applications. How to time attacks, how to "read between the lines" on scanner output when looking at cloud infrastructure, etc.

4. "Denial of Service" - Those of us in the virtsec space know how DoS attacks can be executed differently in virtual environments, but the authors do a nice job of breaking these attacks down. Covers all manner of DoS attacks, including authentication DoS, remote packet-based DoS, resource over-consumption DoS, and more.

5. "Abusing the Hypervisor" - One of my two favorite chapters in the book. The authors explain how hypervisors are constructed, and how kernel attacks are possible and subtly different when done in virtual environments.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
By Virgie on November 24, 2014
Format: Paperback Verified Purchase
interesting
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
0 of 1 people found the following review helpful By Nonya on August 17, 2013
Format: Paperback Verified Purchase
Great book at a good price as described with rapid delivery. This book is an interesting read and I would recommend this book to anyone looking into securing the virtual environment
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

More About the Authors

Discover books, learn about writers, read author blogs, and more.

Set up an Amazon Giveaway

Amazon Giveaway allows you to run promotional giveaways in order to create buzz, reward your audience, and attract new followers and customers. Learn more
Securing the Virtual Environment, Included DVD: How to Defend the Enterprise Against Attack
This item: Securing the Virtual Environment, Included DVD: How to Defend the Enterprise Against Attack
Price: $36.68
Ships from and sold by Amazon.com