Host-Based Penetration Testing

With our host-based penetration testing services, NetSPI performs a deep dive review of baseline workstation and server images used to deploy systems to the corporate environment.

Improve Network Security

NetSPI’s host-based penetration test reduces organizational risk and improves network security

Standard network penetration testing engagements may not provide comprehensive insights into the vulnerabilities that exist in your baseline system images and Citrix deployed desktops.

During host-based penetration tests, NetSPI tests system drive encryption, group policy configurations, patch levels, service configurations, user and group roles, third party software configurations, and more. It also includes a review of the systems and applications for common and known vulnerabilities. NetSPI supports host-based penetration testing of most Windows, Linux, z/OS, and MacOS variations. Also, testing can be conducted against physical hardware, virtual machines, or virtual desktops.

Our penetration testers find 20% more vulnerabilities by using our Resolve™ platform and proven methodology.

Types of Host-Based Penetration Testing Services

Host-Based Penetration Testing

Host-Based Penetration Testing

During host-based penetration tests, NetSPI conducts an assessment to evaluate the security of a standard system image. Testing is intended to identify vulnerabilities that have the potential to provide unauthorized access to systems, applications, and sensitive data. NetSPI supports host-based pentesting of most Windows, Linux, z/OS, and MacOS variations.

Testing may include the review of physical security controls, software security controls, user and group configurations, local access control configurations, local system configurations, local patch configurations, clear text storage of passwords, and clear text storage of sensitive data.

Virtual Desktop Penetration Testing

As the number of remote workers increases it’s become more challenging to manage physical workstations. As a result, many companies provide remote desktop access through virtualization platforms like Citrix and VMware. Those platforms can make it easy for remote employees, partners, and vendors to access what they need without as much overhead cost and management. However, with the ease of access comes additional risks that don’t have to be considered for laptops not typically accessible from the internet.

During virtual desktop penetration tests, NetSPI identifies vulnerabilities that provide unauthorized access to the operating system through desktops published via virtualization platforms like Citrix and VMware. Additionally, NetSPI reviews the system configuration to identify vulnerabilities that could be used to escalate privileges, pivot into the internal environment, or exfiltrate sensitive data.

Virtual Application Penetration Testing

Virtual Application Penetration Testing

It has become common for companies to make their traditional desktop applications accessible from the internet by publishing them through virtualization platforms like Citrix or VMware. Those platforms make it easy for remote employees, partners, and vendors to access existing desktop applications without requiring the large investment that comes with rewriting legacy apps for the web. However, with the ease of access comes additional risks that don’t have to be considered for desktop applications living behind a firewall.

  • Virtual Application Penetration Tests

    During virtual application penetration tests, NetSPI identifies the risks specific to applications published through virtualization platforms along with traditional application testing to help ensure that your company is staying safe while trying to adapt to evolving business needs.

  • Virtual Application Breakout Assessments

    During virtual application breakout assessments, NetSPI identifies vulnerabilities that provide unauthorized access to the operating system through applications published via virtualization platforms like Citrix and VMware.

Powered by Resolve™

Wireless network engagements are managed and delivered through Resolve, NetSPI’s vulnerability management and orchestration platform. Resolve elevates your vulnerability management and pentesting program. Here’s how:

Simplified Vulnerability Management

  • Manage the lifecycle of vulnerabilities from discovery to remediation – in one single platform.

Increase Pentest ROI
 

  • Resolve’s Workbench cuts the time to complete an engagement by 40 percent.

Security Automation
 

  • Automate key security functions and administrative tasks to focus on finding and remediating the vulnerabilities 
    that matter most.

Test Continuously or
At-Scale

  • Resolve is flexible and can scale up or down to meet the testing requirements of any organization.

Manage Your Entire Attack Surface

  • Use Resolve as the foundation for a strong testing program and monitor your evolving attack surface continuously.

Connect With Our Experts
 

  • With each vulnerability, receive details on severity, 
    business impact, remediation instructions, replication steps, and more.

Host-Based Security Resources

Webinar: Staying Secure While Your Employees Work from Home

Watch this on-demand webinar to make sure you are vulnerability management program is covering the right bases to help mitigate some of the implicit risks associated with a remote workforce.

Tip Sheet: Five Best Practices for Host-Based Security

Host-based security presents a large attack surface that grows when your employees work from home or on mobile devices. Get this checklist to help mitigate the risks associated with a remote workforce.

Blog: Keeping Your Organization Secure While Sending Your Employees to Work from Home

Host-based security represents a large attack surface that is rapidly evolving. Learn key things organizations need to keep in mind to keep their teams effective while working from home.

Discover how the NetSPI BAS solution helps organizations validate the efficacy of existing security controls and understand their Security Posture and Readiness.

X