John Reeman graduated in 1991 with a BSc (Hons) in Software Engineering from the University of Central Lancashire.
John started his career working as a security engineer at Integralis in the UK. After a year working for Integralis, John took a year out travelling the world and spent six months in Australia, where he contributed to the establishment of the Asia Pacific branch of Content Technologies, whose MAILsweeper product was one of the world's leading email gateway content solutions.
John has also worked as a consultant for a number of specialist IT security service providers in the UK, including Centurycom and Kvaerner, before setting up his own company, Nebulas Solutions Group, in 2001. There, he was responsible for the technical strategy and vision of Nebulas as well as building a security consultancy team which has long been at the forefront of research into virtualisation security. In 2008 John designed and developed his own security assessment tool (VMinformer) for analyzing the security posture of virtual environments.
The author of many articles on the subject of virtualisation security, John is a contributing author to the Centre of Internet Security (CIS) benchmarks and to several VMware hardening guidelines.
John recently joined Symantec as a Principal Consultant based in Sydney, working for the Consultancy Services Asia Pacific division. His role involves developing Symantec's security service offerings around Virtualization, Mobility and Web technologies, which is in line with Symantec's Megatrends and key to their growth.
It's time to wake up and smell the virtsec gravy!
Virtualization is pervasive and is changing the foundations of IT infrastructure globally. Despite its advantages, virtualization creates some unique security challenges that, if ignored, will bring about a system failure the like of which we have never seen before. We have already seen examples of security breaches involving trivial attacks on virtualization infrastructures to know this is the case.
We have an overconfident system, and we only have to look at what happened in the financial markets to know we have a time bomb waiting to happen. The poor administrators who look after these systems, though, will be the ones who have to pick up the pieces, and you can't blame them: they may have lacked expertise, but with a system that is dynamic and moving at such a fast pace they don't stand a chance.
If you think this is pure hype and it won't happen, then I present vSAM (virtualization security attack monkey), a proof of concept attack vector for complete p0wnage of virtualization frameworks (demo showing proof of concept attack / exploit).
It's that simple, so where do we go from here...
It's not too late to do something, don't be complacent, wake up and smell the coffee before it's over...
Copyright © 2012 The University of Queensland, authorised by AusCERT Program Committee, maintained by: auscert@auscert.org.au