Infrastructure -> Infrastructure Hardening: Applications are running in virtualized environments
Risk and Opportunity
Risk: Through a vulnerability in one service on a server, the attacker gains access to other services.
Opportunity: Application are running in virtualized envirnoments
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Very High
OWASP SAMM 2 Mapping: o-environment-management|A|1