Explore a 38-minute conference talk from Black Hat that delves into Alcatraz, a practical hypervisor sandbox designed to prevent escapes from KVM/QEMU and KVM-based MicroVMs. Learn about the evolution of cloud computing, from traditional virtual machines to containers, and the security challenges that arise with each technology. Discover how recent container architectures leverage hypervisor technology to enhance isolation, and understand the remaining vulnerabilities that attackers can exploit. Presented by Seunghun Han, this talk provides valuable insights into the ongoing battle to secure virtualized environments in the era of DevOps and serverless architecture.
Alcatraz - A Practical Hypervisor Sandbox to Prevent Escapes from the KVM - QEMU and KVM-Based MicroVMs
Overview
Syllabus
Alcatraz: A Practical Hypervisor Sandbox to Prevent Escapes from the KVM/QEMU and KVM-Based MicroVMs
Taught by
Black Hat
Related Courses
-
Hunting and Exploiting Recursive MMIO Flaws in QEMU KVM
-
MVM - An Embedded KVM-Based Hypervisor Solution
-
Analyzing Nested CVM Performance on KVM/QEMU and Linux Root Partition for Hyper-V - Comparative Study
-
Analyzing Nested CVM Performance on KVM/QEMU and Linux Root Partition for Microsoft Hyper-V/Cloud-Hypervisor
-
Escape From The Docker KVM QEMU Machine
-
Myth and Truth About Hypervisor-Based Kernel Protector - The Reason Why You Need Shadow-Box
