Focus Areas:
βοΈ Governance, Risk & Compliance
, π Application Security
, π Network Security
, π― Penetration Testing
, ποΈ Security Architecture
Abstract
Citrix is a widely used remote desktop application utilized in many major corporations around the world. In addition to offering the typical benefits of RDP and Microsoft terminal services, it is capable of sandboxing and restricting the applications that can be executed by the user. Unfortunately, often times the Citrix environment can introduce a false sense of security within organizations. There are several ways to circumvent security controls within the Citrix framework and many system administrators are not aware of these attacks. During this presentation, weβll demonstrate ways in which to compromise the Citrix environment using multiple attack vectors. Then weβll show you the corresponding remediation strategies.