Are we there yet? As virtualization starts becoming more and more used (and well, because I've got some heavy ties into it now ) I wonder if virtualization has reached a point where security becomes an issue.

From my experience most security issues for virtualization have rested on the "hosted" variants (that is, those that require a Windows or Linux OS underneath the virtualization application) -- like Redpill, scooby_doo and NoPill attacks. Along with those are the general issues that come with the hosted OS. On the other hand, with bare-metal hypervisors we're not seeing as many attacks.

Is this just a frontier waiting to happen? Or is it secure as it is? or what?

Thoughts, comments?