More organizations than ever are deploying virtualization technologies and some are taking this to the next level by building private cloud infrastructure. Many are also leveraging hybrid and public cloud models to save money and gain efficiency in platform and application hosting, or by using Software-as-a-Service tools. But leveraging virtualization and cloud capabilities has a number of security and compliance ramifications. Many security teams are finding that cloud service providers do not have comparable security controls in place or that the providers aren't able or willing to share audit data with them. Contract requirements may not be taking security and compliance into account either, and there are a lot of risk management questions going unanswered. At the SANS Cloud/Virtualization Security Summit, you can get some of those questions answered, in many cases directly from customers who have worked to solve the problems already.
