Closed captioning will be available in English and Japanese for all keynotes and RSAC track sessions.
Please note: All times are in SGT.
  1. Moscone South

In the cloud, virtualization stack provides the basic capability to isolate multiple VMs. In past years, VM escape became the real threat. Malicious VM can utilize 0-day in virtualization stack to break the isolation. Intel CET is a new CPU feature to prevent ROP exploit, and MPX is a CPU feature to prevent buffer overflow. This session will show how to enhance virtualization stack utilizing CET/MPX.

Learning Objectives:
1: Understand VM escape details and threats in virtualization stack.
2: Learn about CET and MPX details.
3: Learn novel approach to protect virtualization stack with CET/MPX features.

Download pdf