Implementation -> Infrastructure Hardening: Isolated networks for virtual environments
Risk and Opportunity
Risk: In their default configuration, virtual environments can reach other virtual environments over the network. With virtual machines, it is often possible to connect from one virtual machine to another. Docker uses one bridge by default, so all containers on one host can communicate with each other.
Opportunity: The communication between virtual environments is controlled and regulated.
- istio
- bridges
- firewalls
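One way to apply the bridge approach with Docker Compose, as an added example that is not part of the original activity description. The service names, the app image and the secret file path are hypothetical placeholders.

```yaml
# Constructed example: three hypothetical services (proxy, app, db).
# If the "networks" keys below are removed, Compose attaches all three
# services to one shared project network, and proxy can open
# connections to db directly. That is the default the risk describes.
services:
  proxy:
    image: nginx:stable
    ports:
      - "8080:80"          # only the proxy publishes a port on the host
    networks:
      - frontend           # can reach app, cannot reach db

  app:
    image: example/app:latest   # placeholder image name
    networks:
      - frontend           # receives traffic from proxy
      - backend            # the only service allowed to talk to db

  db:
    image: postgres:16
    environment:
      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
    secrets:
      - db_password
    networks:
      - backend            # not attached to frontend, so proxy has no path

networks:
  frontend:
    driver: bridge         # separate user-defined bridge per tier
  backend:
    driver: bridge
    internal: true         # no external connectivity for this network

secrets:
  db_password:
    file: ./db_password.txt   # placeholder path
```

Containers that share no network cannot reach each other, so a compromised proxy has to go through app to get anywhere near db.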
Usefulness and Requirements of this Activity
Usefulness: Very High
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Medium
OWASP SAMM VERSION 2
- virtual environments are not explicitly covered by ISO 27001 - too specific