<p>Today's attacks go after the weakest link in the system - the end user. Securing the end user desktop in medium/large organizations is a constant, resource intensive job requiring vulnerability detection and patch management systems and the people who understand how to interpret the results and respond accordingly. One approach to reducing the resources required to deal with vulnerability/patch management is to reduce the number of systems requiring such services. This talk presents one approach to doing just that. The presentation will provide an overview of the current threat environment and the bad guy tactics and techniques being observed in this environment. The talk will then present how virtualization technologies could be deployed to counter the bad guys. Finally, I will present the current status of an on-going pilot deployment of these technologies with a large organization's desktop environment. This status will include the current hardware and software architecture, pros/cons, and lessons learned from the pilot deployment. </p>