The Next Security Frontier: Virtualization

Blog Post created by rapid7-admin on Dec 22, 2010

Originally Posted by Bernd Leger



Most pundits agree that virtualization is taking the industry by storm. Leading analyst group IDC is projecting that more than 70% of all server workloads installed on new shipments are expected to reside in a virtual machine by 2014. With organizations lining up left and right to climb on the virtualization bandwagon, the security aspect of deploying virtualized software is a lot more nebulous. While virtualized deployments provide significant cost saving potential, assets moving around in virtualized servers are a lot harder to stay on top of than those deployed in traditional physical server environments. Additionally, a breach in the virtualization layer can easily lead to a compromise of all hosted applications and data. At the same time, vendors have been following a similar steep learning curve in bringing their products up to speed with the latest technology evolution in virtualization.


Our vision at Rapid7 has always been that in order to provide a holistic view of an organization’s security and risk posture, we need to correlate the various threat vectors that could lead to an attack. We broke new ground as the first vendor to offer a unified vulnerability management solution, NeXpose that correlated vulnerabilities across the network, operating system, database and application tiers. We continued our product innovation when we acquired the world’s de facto standard for penetration testing platform, the Metasploit Project, and added the notion of exploitability directly into NeXpose. Virtualization is a natural evolution of our thinking. Maybe that is why the world’s leading provider of virtualized solutions is both a client and a partner today. With support for authenticated and remote vulnerability scans for VMware ESX and ESXi already in place in NeXpose, we are looking at how we can further help organizations to continuously lower their risk posture in both physical and virtual environments.

That’s why we are so excited to have
Christopher Young, VMware vice president and general manager and former RSA executive, join Rapid7’s board of directors. With his
significant security expertise, industry leadership and vision
around virtualization, Christopher bringsunique insight
into industry-shaping trends to Rapid7. We look forward to having Christopher further
help to define the exciting journey on which we’re embarking for virtualization
security and security management in general. Welcome Christopher!

Christopher Young,
Rapid7 Board Member,
VMware Vice President
General Manager