This document specifies security guidelines for the design and implementation of VSs. Design considerations focusing on identifying and mitigating risks, and implementation recommendations with respect to typical VSs are covered in this document.
This document is not applicable to: (see also 5.3.2 Exclusions)
— desktop, OS, network, and storage virtualization; and
— vendor attestation.
This document is intended to benefit any organization using and/or providing VSs.