Virtual Desktop Penetration Testing
Virtual desktop penetration testing identifies vulnerabilities that enable unauthorized access to the OS through desktops published via virtualization platforms such as VMware or Citrix.
Improve Network Security
Virtual desktop pentesting reduces organizational risk and improves network security
As the number of remote workers increases, managing physical workstations becomes more challenging. So, many companies provide remote desktop access through virtualization platforms such as Citrix and VMware. These platforms make it easy for remote employees, partners, and vendors to access what they need with less overhead cost and management. However, with ease of access comes security risks that differ from corporate laptops.
During virtual desktop penetration testing, NetSPI identifies vulnerabilities that provide unauthorized access to the operating system through desktops published via virtualization platforms. Additionally, NetSPI reviews the system configuration to identify vulnerabilities that could be used to break out of Citrix or VMware, escalate privileges, pivot into your internal network environment, or exfiltrate sensitive data.
Our penetration testers find 20% more vulnerabilities by using our Resolve™ platform and proven methodology.
Virtual Desktop Penetration Testing Service
NetSPI tests your virtual desktop hosted internally or in a virtualized environment. Our approach to virtual desktop pentesting provides a security assessment of server-side controls, data communication paths, and potential client-related issues. We employ manual and automated pentesting processes using commercial, open source, and proprietary software to evaluate your virtual desktops.
During a Citrix breakout test or VMware breakout test, NetSPI identifies configurations that allow an attacker to bypass virtual desktop restrictions, exfiltrate data, or access assets on the internal network.
- Virtualization platform vulnerabilities and configurations
- Virtual desktop configurations
- Ingress configurations
- Egress configurations
Powered by Resolve™
Virtual desktop pentesting engagements are managed and delivered through Resolve, NetSPI’s vulnerability management and orchestration platform. Resolve elevates your vulnerability management and pentesting program.