Escalating Insider Threats Using VMware's API
Enterprises often require that their IT teams have no access to data kept inside the machines they administer, a separation that is crucial for compliance, privacy and defense in depth. To this end, industries use VMWare's rich security model to separate the infrastructure domain from the guest machine domain. For example, most companies allow their IT teams to create, modify, backup and delete guest machines, but deny them guest machine operation functions such as file manipulation and console interaction.
By Ofri Ziv
Full Abstract & Presentation Materials:
https://www.blackhat.com/us-17/briefi...