Thick Client Security
Thick client applications are still employed for internal operations. NetSPI uses multi-vector testing to identify design and configuration weaknesses.
Due to the unique nature of thick client applications, automated vulnerability assessment scanning isn’t sufficient to capture adequate results. Testing thick clients requires expert manual penetration testing skills and a thoughtful, methodical approach. A thorough application security assessment necessitates specialized tools, custom testing set-up, and shrewd hacking techniques.
NetSPI’s approach to Thick Client Assessments includes reviewing server-side controls, data communication paths, and potential client-related issues. During the course of an assessment, the NetSPI team will:
By reviewing all of these attack vectors, we’re able to provide clients with a comprehensive understanding of the security posture of their application and how to improve it. Specific areas of our focus will include, but are not limited to:
The NetSPI Resolve™ platform is critical to thick client penetration testing. It is used to organize all findings in a concise and actionable way. By automating many processes, Resolve allows our consultants to focus on in-depth testing while providing our clients access to the SaaS-based portal.