Enterprise IT Watch Blog

May 18 2010   2:30PM GMT

Virtualization as a security testing platform?

Kevin Beaver Kevin Beaver Profile: Kevin Beaver

Virtualization has many obvious benefits, but the one that stands out to me is being able to use it for security vulnerability testing. One of the things that has frustrated me the most over the years is how security testing tools will junk up your system – especially Windows. Install enough vulnerability scanners, network analyzers and so on over time and you’ll undoubtedly be cussing like a sailor when system slow downs, instability and blue screens of death creep into your work. Oh, not to mention the ever-frustrating situation whereby your anti-virus software “cleans” your vulnerability testing tools right off of your system!

The neat thing with virtualization software such as VMWare Workstation, VirtualBox and the lesser-known Windows XP Mode in Windows 7 (that I recently wrote about for SearchEnterpriseDesktop.com) is that you can create a virtual security testing environment to muck up as much as you’d like without having to worry about affecting your day-to-day productivity by creating problems on your local system. When problems do arise in your virtual environment, you can simply fall back to an older image that works, or just quickly recreate a new one.

I know it seems like it’d be easier to have a dedicated computer to run your security tests from. However, doing everything on one system increases efficiency when you need to be mobile and share files between the host and virtualized systems. Plus, it gives you an excuse to invest in a high-end  laptop that you may not be able to justify otherwise.

Kevin Beaver is an independent information security consultant, keynote speaker, and expert witness with Principle Logic, LLC and a contributor to the IT Watch Blog.

2  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • Are password rules just bad magic? | Locks
    [...] Virtualization as a security testing platform? – Enterprise IT … [...]
    0 pointsBadges:
  • Virtualization as a security testing platform? – Enterprise IT … | VirtualizationDir - Top Virtualization Providers, News and Resources
    [...] link: Virtualization as a security testing platform? – Enterprise IT … Plurk This Post Delicious Digg This Post MySpace Ping This Post Reddit This Post [...]
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: