CIS Releases Security Guidelines

Center for Internet Security and Configuresoft to unveil first CIS virtual machine security guidelines at VMworld 2007

Dark Reading Staff, Dark Reading

September 5, 2007

2 Min Read
Dark Reading logo in a gray background | Dark Reading

COLORADO SPRINGS, Colo. -- The Center for Internet Security (CIS) and systems management technology innovator Configuresoft, Inc., today announced availability of the first Virtual Machine Security Guidelines. In addition, CIS and Configuresoft will unveil a draft of the upcoming VMware ESX Server Benchmark at the 2007 VMworld conference in order to solicit input from attendees. VMworld 2007 will be held at the Moscone Center in San Francisco, Calif. from September 11 – 13, 2007.

In February, 2007, CIS and Configuresoft developed a benchmark working group and, with input from more than 200 virtualization and security experts from the commercial market and federal organizations, created the industry’s first virtual machine security benchmark. CIS benchmarks and guidelines are unique in the industry in that they are created via broad consensus. This benchmark extends and enhances the hardening guidelines offered by the manufacturers by consolidating the expert opinion of the world’s leading security experts.

Now, CIS is offering interested parties the opportunity to join the consensus process for its forthcoming benchmark which will provide further guidance for organizations as they secure their virtual systems deployed on VMware’s ESX servers. VMworld attendees can sign up to participate at Configuresoft’s booth #1120 and immediately share ideas and feedback.

As adoption of virtualization increases, analysts foresee security issues on the horizon. According to recent Gartner research 1 “Many organizations mistakenly assume that their approach for securing VMs (Virtual Machines) will be the same as securing any operating system (OS) and thus plan to apply their existing configuration guidelines and standards.” The report also states, “Through 2009, 60% of production VMs will be less secure than their physical counterparts.”

“While there are many benefits for data center virtualization, careful attention must be paid to the potential of new security threats born out of the additional complexity produced by virtualization,” said Bert Miuccio, Vice President, The Center for Internet Security. “With input from so many leaders and experts – as well as the broad consensus we will build as a result of VMworld – we are confident that the final versions of both important benchmarks will provide a solid roadmap for organizations as they secure their virtual environments.”

Configuresoft Inc.

The Center for Internet Security (CIS)

Read more about:

2007

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Pegasus Spyware concept with binary code background
Endpoint Security
WhatsApp: NSO Group Operates Pegasus Spyware for CustomersWhatsApp: NSO Group Operates Pegasus Spyware for Customers
byJai Vijayan, Contributing Writer
Nov 18, 2024
4 Min Read
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall BugPalo Alto Networks Patches Critical Zero-Day Firewall Bug
byBecky Bracken, Senior Editor, Dark Reading
Nov 18, 2024
3 Min Read
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS FilesChatGPT Exposes Its Instructions, Knowledge & OS Files
byNate Nelson, Contributing Writer
Nov 15, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events