Home
Topics
Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection
Cloudburst VM escape

Definition

Cloudburst VM escape

Cloudburst virtual machine escape is an exploit method that enables a guest-level virtual machine (VM) to attack its host. The method takes advantage of a flaw in VMware Workstation working in conjunction with Cloudburst, IBM's cloud service provisioning software for cloud providers.

In a virtual machine escape, an attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. A VM escape gives the attacker access to the host operating system and all other virtual machines running on that host.

Research firm Kostya Kortchinsky Immunity Inc. developed the Cloudburst VM escape method.

Related glossary terms: hypervisor security, virtual firewall, BIOS rootkit , AV storm, blue pill rootkit, BIOS rootkit attack

This was last updated in April 2012

Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchCloudSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Cross-VM side-channel attacks: How to defend cloud infrastructures

Expert Dave Shackleford analyzes the likelihood and effects of cross-VM side channel attacks in the cloud and offers mitigations for concerned users.
Post-implementation virtualization security issues

Security pros must be aware of complications that can develop after a virtualization deployment.
Bromium launches Windows PC security product

Company uses virtualization technology to isolate malware from the rest of the system.

Articles

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

Security
Security Channel
Security UK
Cloud computing
Server Virtualization
VMware

Security
- Using network flow analysis to improve network security visibility
  
  To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.
- Sourcefire updates malware detection, malware analysis capabilities
  
  New features for detecting and analyzing malware in Sourcefire's FireAMP and FirePOWER products supplement flagging signature-based antimalware.
- Goals for how to become a CISO if you're a security technologist
  
  Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A.
Security Channel
- Websense Partner Program
  
  Learn about bandwidth management vendor Websense's partner program in this standardized checklist.
- Tripwire, Inc. Partner Program
  
  Learn more about configuration control software vendor Tripwire, Inc.'s partner program in this standardized checklist.
- Configuring privilege levels
  
  This section of the chapter excerpt focuses on supporting multiple administrative levels of router configuration.
Security UK
- Infosecurity 2012: IPv6 challenges to network security
  
  In this video interview, Ian Kilpatrick of Wick Hill discusses the IPv6 challenges that small and medium businesses are just beginning to address.
- Apache DDoS vulnerability requires immediate update to avoid threat
  
  Apache has released an updated version of its Web server to address a DDoS vulnerability, for which exploit tools have been found in the wild.
- Learn how to utilize a free spam-filtering service for your SMB
  
  Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.
Cloud computing
- Sequestration stymies federal government cloud ambitions
  
  The federal government is under mandates to consolidate data centers and deliver IT as a Service, but sequestration makes this easier said than done.
- VMware charges into public cloud IaaS fray as Dell exits
  
  Dell will discontinue its OpenStack and VMware vCloud-based public cloud offerings as VMware delivers its vCloud IaaS.
- Cloud migration obstacles remain for heavily regulated industries
  
  Financial, government and healthcare industries must overcome data security breaches and regulatory issues for a successful cloud migration.
Server Virtualization
- Strike a common-sense balance when deciding what to automate
  
  Consider the many factors that determine the potential return on investment when deciding when and what to automate.
- How can I enable automated VM resource provisioning?
  
  As with many other facets of virtualization, VM resource allocation is becoming automated. Find out what tools you can use for automated provisioning.
- Columbia Sportswear's move from virtualization to private cloud computing
  
  Columbia Sportswear parlayed server virtualization into a private cloud. Along the way, it found that its management tools needed serious rethinking.
VMware
- VMware vCloud Director evaluation guide: Five use cases to consider
  
  VMware vCloud Director brings cloud computing features to vSphere shops, but it's a significant investment that warrants serious evaluation first.
- Tough Metro vMotion requirements make for a dream infrastructure
  
  VMware's Metro vMotion requirements for networking, storage and vCenter keep live VM migration between data centers just a dream for most IT shops.
- IT, meet security: Why vSphere security is all about collaboration
  
  Strong vSphere security comes from collaboration and the right server virtualization security tools and processes.

All Rights Reserved,Copyright 2011 - 2013, TechTarget