BriForum 2014 Boston - John Whaley, Anna Bogatch, and Geoffrey Thomas - Attacking VDI


Presented by John Whaley, Anna Bogatch, and Geoffrey Thomas

Many organizations have implemented VDI as a solution to desktop manageability and security concerns, believing that running desktops on a central server will improve security. However, VDI encourages end users to access their secure desktops from uncontrolled and unsecured clients. In this session, we will demonstrate an actual attack that works on all major VDI products whereby an infected endpoint can remotely compromise a VDI instance upon initial authentication, completely unbeknownst to the user. We will also discuss techniques to guard against these types of attacks. 

Topics include:
• The security properties of VDI offerings from major VDI vendors
• Real and theoretical attacks against VDI
• A methodology for evaluating the security of a VDI solution
• Best practices for securing VDI

View All Videos

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.