YoVDO

Escalating Insider Threats Using VMware's API

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Compliance Courses Insider Threats Courses

Course Description

Overview

Explore a critical security vulnerability in VMware's API that could allow insider threats to escalate privileges and bypass crucial security measures. Delve into how enterprises commonly use VMware's security model to separate infrastructure and guest machine domains, restricting IT teams from accessing sensitive data inside administered machines. Learn about a discovered method to exploit VMware's API, potentially enabling malicious insiders to manipulate files and interact with guest machine consoles despite lacking proper permissions. Gain insights into this 20-minute Black Hat conference talk by Ofri Ziv, which highlights the importance of robust security measures and the potential risks associated with seemingly secure virtualization environments.

Syllabus

Escalating Insider Threats Using VMware's API


Taught by

Black Hat

Related Courses

Security Principles
(ISC)² via Coursera
A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera
FinTech for Finance and Business Leaders
ACCA via edX
Access Control Concepts
(ISC)² via Coursera
Access Controls
(ISC)² via Coursera