Security

DaDesktop is developed entirely in-house by NobleProg Tech, with all maintenance and updates handled internally. A dedicated team of Security Operations, Developers, and DevOps engineers promptly addresses any issues. Only NP Tech personnel can access the underlying DaDesktop system.
NobleProg retains full rights to use and modify all source code.

Both trainers and participants can mirror their entire desktop in real time using the 'remote replica' option.
During experimentation, you can enable automatic snapshots of a desktop. If a crash occurs, the system can roll back to the last functional state.
Servers are housed across redundant data centers. Should one data center fail, another is readily available with low latency.
The DaDesktop infrastructure spans multiple data centers worldwide, all protected by comprehensive physical and digital security policies.
DaDesktop leverages QEMU/KVM to create and run virtual machines. Since QEMU and KVM are integral parts of the Linux operating system, security updates can be deployed rapidly without depending on third-party vendors. QEMU/KVM boasts a strong security and performance record that surpasses many commercial solutions.

Only NP Tech staff with pre-registered IP addresses are permitted to access NobleProg and DaDesktop systems. IP tables firewall rules block unauthorized SSH and other port access.
Every system is shielded by two-factor authentication plus a password. Even if an attacker obtains the password, they will not gain entry because their IP won't be on the whitelist and they would lack the one-time password.
During a DaDesktop course, each desktop network is fully isolated from other desktops and public access.
All NobleProg employees use multi-factor authentication (MFA) to log in. When a staff member leaves, their access is immediately revoked to prevent any unauthorized activity.

DaDesktop server nodes run a minimal, custom-built version of Ubuntu with only essential packages installed, eliminating unnecessary complexity and overhead. This approach reduces potential security vulnerabilities because fewer packages and services are active at any given time. The typical installed footprint is just 250MB per node.
SSH access to the root account is disabled.
The DaDesktop infrastructure runs the latest stable Ubuntu Linux release, with automatic upgrades and patching to minimize exposure to zero-day exploits.
Servers are continuously scanned for known vulnerabilities.
Unused packages and files are purged.
NobleProg has full access to all source code used in the project. If a vulnerability is discovered and no official patch is available yet, our security team can apply a fix immediately.
Automatic system updates are enabled (unattended-upgrades).
All outbound connections from our servers to the dark web are monitored and can be blocked automatically.

All NobleProg servers, including DaDesktop servers, are monitored, and alerts are generated for any issues needing attention. Alerts are promptly investigated and resolved. Regular reviews of these incidents ensure each one is fully addressed and recurrence is prevented.
DaDesktop servers, as well as trainer and participant machines, are monitored for CPU usage, memory consumption, network activity, and more. Additionally, DaDesktop nodes and the underlying system are scanned for Common Vulnerabilities and Exposures (CVEs) that trigger alerts in our monitoring platform. While security updates are typically applied automatically, any exceptions detected are manually patched or mitigated through other measures.
Fresh Start machines on courses are automatically recorded, allowing trainers to review them for potential issues during course preparation. Optionally, recordings of the trainer machine and the Training Room can be captured during a session. This feature is fully controllable via the UI and can be disabled if not needed.
DaDesktop operating system templates are refreshed approximately every two weeks, incorporating the latest security patches.