CISA: US Govt Agencies, CI Orgs. Hit Via Pulse Secure Vulns – CISO Comments

By   ISBuzz Team
Writer , Information Security Buzz | Apr 22, 2021 04:20 am PST

CISA’s alert –  Exploitation of Pulse Connect Secure Vulnerabilities – confirms that attackers breached US government agencies and other critical organizations by exploiting vulnerabilities in Pulse Secure products. “Since March 31, 2021, CISA assisted multiple entities whose vulnerable Pulse Connect Secure products have been exploited by a cyber threat actor.” The CISO of Shared Assessments, the member-driven leaders in third-party risk management tools and research, offers perspective.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Matias Katz
Matias Katz , CEO
April 22, 2021 12:46 pm

<p>The concept of a vulnerability on the perimeter highlights the need for adopting technologies that align with the notion of Zero Trust. Moving from perimeter-based networking model to one where decentralized security by micro-segmentation approach will help organizations minimize the impacts of security incidents.</p>

Last edited 2 years ago by Matias Katz
Tom Garrubba
Tom Garrubba , Senior Director and CISO
April 22, 2021 12:22 pm

<p>Regardless of whether it is an application performing business processing, a piece of network or server hardware, or a utility to assist in smoothing an operational process, bad code development, and testing practices will always lead to vulnerabilities. Once the threat actors – and in this case, a nation state actor – identified the coding defects with Ivanti Pulse Connect Secure products, they jumped on the vulnerability and hijacked it to do things that it wasn’t originally programmed to do. The way to reduce this risk from affecting an organization is to require these providers evidence that they follow secure coding practices. Such due diligence would include evidence of their code development, the performance of both static and dynamic code analysis, testing to ensure the code is secure and cannot be hijacked, and security around the deployment of the product.</p>

Last edited 2 years ago by Tom Garrubba

Recent Posts

Would love your thoughts, please comment.x