Hypervisor and Management Plane Hardening
- The hypervisor and cloud management plane are prime targets for attack
  - compromising them allows access to the data for every instance
- Hypervisor security
  - ensure proper configuration, updates, and patching standards are used
  - restrict use of superuser accounts
  - require MFA
  - use logging and alerting
  - limit access to authorized users
  - encrypt VMs
  - use secure boot for underlying hardware
  - perform regular audits
Instance Isolation
- isolate each VM with logical controls
- limit access to other systems and the Internet
- use firewalls and security group controls
- secure hypervisor layer to ensure VMs can’t access resources assigned to others
Host Isolation
- Underlying hosts must be physically and logically isolated from one another as much as possible
- network connections should be minimized and secured
- thorough network monitoring
- immediately recognize and respond to host escape activity