Virtual Desktop Penetration Testing

NetSPI identifies vulnerabilities that provide unauthorized access to the operating system through desktops published via virtualization platforms.

Improve Network Security

NetSPI’s virtual desktop penetration test reduces organizational risk and improves network security

As the number of remote workers increases it’s become more challenging to manage physical workstations. As a result, many companies provide remote desktop access through virtualization platforms like Citrix and VMware. Those platforms can make it easy for remote employees, partners, and vendors to access what they need without as much overhead cost and management. However, with the ease of access comes additional risks that don’t have to be considered for laptops not typically accessible from the internet.

During virtual desktop penetration tests, NetSPI identifies vulnerabilities that provide unauthorized access to the operating system through desktops published via virtualization platforms. Additionally, NetSPI reviews the system configuration to identify vulnerabilities that could be used to escalate privileges, pivot into the internal environment, or exfiltrate sensitive data.

Our penetration testers find 20% more vulnerabilities by using our Resolve™ platform and proven methodology.

Our Virtual Desktop Penetration Testing Service

NetSPI tests your virtual desktop whether it is hosted internally or in a virtualized environment. Our approach to virtual desktop pentesting includes reviewing server-side controls, data communication paths, and potential client-related issues. We employ manual and automated pentesting processes using commercial, open source, and proprietary software to evaluate your application.

Breakout Testing

During breakout testing NetSPI identifies configurations that may allow an attacker to bypass desktop restrictions, exfiltrate data, or access assets on the internal network.

  • Virtualization platform vulnerabilities and configurations
  • Virtual desktop configurations
  • Ingress configurations
  • Egress configurations

Powered by Resolve™

Web application engagements are managed and delivered through Resolve, NetSPI’s vulnerability management and orchestration platform. Resolve elevates your vulnerability management and pentesting program.

Pentesting Research and Tools

Learn about penetration testing on our blog, our open source penetration testing toolsets for the infosec community, and our SQL injection wiki.

NetSPI Secures $90 Million in Growth Funding Led by KKR

X