Many companies use application virtualization, such as Citrix, to deploy their software on client devices without a local installation. This allows flexible and efficient use of applications across various devices, especially within the context of a bring-your-own-device (BYOD) policy. However, the centralized deployment, also known as encapsulation, comes with risks, particularly if attackers succeed in breaking out of the isolated environment.
For instance, misconfigured file managers or special keyboard shortcuts can enable attackers to break out of the application's encapsulation and compromise the underlying system.
During their pentests, our pentest professionals at usd HeroLab consistently encounter environments inadequately prepared for the implementation of virtualization and thus provide gateways for attackers with potentially severe consequences for the company. Conducting a thorough analysis of virtualized environments requires a specialized approach to identify vulnerabilities. In their LabNews article, our pentest professionals highlight key considerations for security experts when analyzing complex virtualized environments. Click here to read the Labews article.
Would you like our security analysts to check your virtualized application for vulnerabilities?