VMware's Tardy Security Move

Just a few days after a critical vulnerability was discovered in VMware's Windows desktop software, the vendor has ramped up its broader security story.

VMware today announced its VMsafe technology, which it claims will make virtual data centers safer than physical environments.

The virtualization trailblazer has built APIs into VMsafe that it says will enable security vendors to harden VMs against viruses, Trojans, and keyloggers.

Some 20 security vendors have already signed up to work with the VMsafe APIs, although I can't help wondering why this program is being launched now, years after firms started to deploy virtualization.

More than two years ago, for instance, VMware rushed to issue fixes after it was hit with a vulnerability that put its major product lines at risk of code execution attacks.The topic of virtualization security (or more precisely, the lack of it) also was high on the agenda at last year's VMworld conference, with even chip giant Intel warning that VMs can open the door to a new wave of security threats.

Virtualization may be in its relative infancy, but state-of-the-art VM security cannot come fast enough. I suspect that we will need more than a couple dozen security vendors playing with the VMsafe APIs to keep one step ahead of the bad guys.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.