Classification software development kits from ecosystem, to integrate

Classification of Attack Surfaces

§  VSphere Product.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

§  DevKit / tools
cross cut.

§  Certification tools

§  Certified

§  Foundation and
Integrated attack surfaces


VSphere product level security

This is mostly handled by product security team and every aspect
of product documentation must be followed as it is.

Certification Development
kit level

We provide many different
types of software development kits from ecosystem, to integrate partner
products with vSphere. Below is the list of integration program. Backed with
underlying foundation programs. Currently all the security checks are done at
individual level in isolation. Which is risky, reason being if we see the entire
product portfolio from SDDC, EUC level, Offprem-Apps we see the missing
security check gap for the integrated product portfolio.



Developer center program lifecycle


Development kit includes tools and resources
needed during the development for Server plug-ins, driver development kits,
Storage Hardware plug-ins.
Turnkey Appliances, storage and Virtual desktop Infrastructure
(VDI) tools etc…



Certification tools that
allows partners to test the reliability and stability of their product/solution
that’s been built using one of the above dev kits to meet VMware Certification
listing requirements.

If we go deeper into the
above categories then we can list down many more granular components which
would require security hardening.

Development kit level

§  The dev kit components itself.

§  Workbench appliance.

§  The final product that’s created using
these devkits.


Certification kit level

The cert components itself.

§  Network configurations.

§  Test API’s.

§  Test Database Server configurations.

§  Test Web server configurations.

§  Fault tolerant test systems and

§  Third party tools that’s used for

The final certified components