Security

The VMware vSphere Security Configuration Guide has long been the standard baseline for hardening VMware vSphere environments utilized by engineers across the world. As such, with the release of VMware vSphere 8.0, VMware also released a new version of the security configuration guide. For those familiar with implementing United States (U.S.) Department of Defense (DoD) Defense Information Systems Agency (DISA) STIGs, the guidance provided within the VMware vSphere 8 Security Configuration Guide should seem quite familiar.

In my previous post titled Introduction to VMware vRealize Automation SaltStack SecOps, I provided an introduction to VMware Aria Automation SaltStack Automation SecOps, as well as a brief history and overview of the product’s capabilities. In this post, I’ll dive deeper into the product’s compliance management capabilities. Compliance Checks Compliance checks are at the foundation of VMware Aria Automation SaltStack SecOps compliance management. These checks provide the information necessary to identify the purpose of the check, the operating systems it applies to, the rationale for the check, and, more importantly, the state file responsible for implementing/remediating the check.

Recently I began familiarizing myself with VMware vRealize Automation SaltStack Config in my home lab. While I'm still relatively new to the product, I was curious to learn more about the compliance and vulnerability management capabilities provided by the SecOps add-on. In this post, I introduce VMware vRealize Automation SaltStack SecOps and briefly review the various features and functionality provided by the product. In subsequent blog posts, I will give a more in-depth look at vulnerability management and compliance management capabilities.

Hot on the heels of the recent April 2022 VMware critical security advisory VMSA-2022-0011, which addressed eight CVEs within VMware Workspace ONE Access and VMware Identity Manager, VMware has released a new creitical security advisory VMSA-2022-0014. This advisory addresses two new security vulnerabilities (CVE-2022-22972 and CVE-2022-22973) in VMware Workspace ONE Access and VMware Identity Manager, with one rated as critical. Authentication Bypass Vulnerability - CVE-2022-22972 According to VMware, a malicious user with network access to the VMware Workspace ONE Access or VMware Identity Manager user interfaces may be able to obtain administrative access without needing to authenticate.

On April 22, 2022 the Defense Information Systems Agency (DISA) released the third update to the VMware vSphere 6.7 STIG. Version 1, Release 3 contains minor changes to the VMware vSphere 6.7 Photon OS STIG.