What is a Restricted Environment Breakout?
Many organisations are turning to virtualisation of apps and desktops in the form of Virtual Desktop Infrastructure (VDI). This often involves virtualisation platforms such as Citrix to deliver these services.
Get your configuration or lock-down wrong and you’ll find users ‘breaking out’ of the environment you thought you had secured. It might not be long after that when you find that your entire domain has been compromised.
End users with access to unnecessary services and networks can cause significant security risks. Malicious employees, for example, could transfer sensitive business data from the virtual desktop to a local USB drive.
- It's a common myth that VDI is inherently more secure than traditional desktop environments, but the reality is virtual desktops are still susceptible to attacks and security issues.
- The majority of well-known specialised solutions claiming to cater for the specific requirements of virtualised environments offer protection at file system level only, which is far from adequate for VDI defense.
- As opposed to attacks on data-storing servers where the main target is remotely accessible data, virtualised workstations are subject to practically the same spectrum of threats as those targeting physical machines.
Why Choose BlackBug?
We will assess your virtual desktop environment, including published applications, for misconfigurations, weak security configurations and other 'low hanging fruit' issues that could be utilised by an attacker to escalate their prvileges or access sensitive information in the environment such as:
- Abusing dialog boxes to gain access to system commands
- Bypassing file system restrictions
- Identifying weaknesses in Microsoft Office and similar applications
- Identifying methods attackers can use to transfer data in and out of the environment
- Sophisticated methods such as binary planting and baiting.