VMware Moves To Protect Applications Living On The Hypervisor

On the heels of a file sharing flaw uncovered earlier this week by a security firm, and the announcement of a number of security patches, virtualization leader VMware says it plans to release an API for third-party security applications.It's an initiative VMware calls VMsafe, and it aims to protect applications running within virtual machines. VMsafe will enable security vendors to build their applications to integrate with the Hypervisor. Essentially, the hypervisor is a layer of software that runs independent of the primary operating system and manages virtual machines.

According to a statement from VMware, VMsafe will provide security software makers access to the memory, CPU, and I/O systems of the virtual machine.

So far, about 20 security vendors have signed up, including Blue Lane, Cenzic, Check Point Software, F5, Fortinet, IBM, and Symantec.

"Symantec is exploring opportunities with VMware to deliver security solutions to customers using VMware environments," said Bruce McCorkendale, an engineer at Symantec in a statement. "We expect the VMsafe technology to be a key enabler in our ongoing efforts."

These APIs are definitely a step in the right direction, and will provide for more security options when it comes to locking down virtual machines. The catch, however, is that the more APIs that are created also creates more potential attack points. The devil, as always, will be in the details, and the implementation.