Whitepaper: Virtual Machine Security Guidelines

The Center for Internet Security (CIS), a popular neutral entity developing security guidelines and benchmakrs for operating systems and security products, just released first edition of its guide for virtualization environments Virtual Machines Security Guidelines.

The 30-pages whitepaper details a list of possible threats for virtual machines and a series of common sense security measures to apply to guest operating systems.

This list doesn’t detail hardening of each OS since other CIS documents already cover these topics extensively. If hardening procedures are already enforced, this document doesn’t add any extra layer of security.

The guide doesn’t even cover hypervisor hardening, which is the real critical part to protect. CIS plans to release an addendum just for VMware ESX Server.

Read the whole whitepaper at the source.