VDI Deployments are in over 90% of all the Fortune 1000 companies and are used in almost all industry verticals, but are they secure? The goal of most VDI deployments is to centrally deliver applications and/or desktops to users internally and externally, but in many cases their basic security recommendations haven't fully deployed, allowing an attacker to gain access. This talk will review the basic design of the top two solution providers, Citrix and VMware. We will go over these solutions strengths and weaknesses and learn how to quickly identify server roles and pivot. We will also examine all the major attack points and their defensive counters. If you or if you have a client that has a VDI Deployment you don't want to miss this talk.

Patrick Coble is an independent EUC and Security Consultant working around Nashville, TN. Patrick has worked in IT for 18 years and as a consultant for over 9 years. He is a recognized expert in Virtualization, EUC solutions and Security. He has deployed hundreds of VDI deployments using both Citrix and VMware solutions all over the southeast. Patrick is working to expose and close the gaps in VDI solutions when it comes to security. He helps with Red and Blue teams to gain access and secure VDI deployments.

@VDIHacker

Back to Derbycon 2017 video list