Expert Comments On SonicWall, Juniper, and Pulse Secure Zero-Day Exploits

Critical vulnerabilities have been identified with company trio Pulse Secure VPN devices, Juniper, and cybersecurity firm SonicWall. 

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jeff Costlow
Jeff Costlow , CISO
InfoSec Expert
April 22, 2021 11:21 am

<p>When zero-day exploits like the recently disclosed SonicWall, Juniper, and Pulse Secure CVEs come to light, organizations need to immediately understand what software and devices might be affected and identify whether there are any vulnerable devices in their environment. This can be remarkably challenging because many organizations struggle to maintain an up-to-date inventory of devices in their environment, let alone detect software types and versions that devices are running and which need to be addressed.</p> <p> </p> <p>Simultaneously, organizations that have vulnerable devices need the ability to detect any related malicious activity that may indicate that the organization had been compromised before the CVE was disclosed, or between the time the CVE was disclosed and when the patch was deployed.</p> <p> </p> <p>Organizations are often forced to choose between remaining vulnerable to a new CVE or disabling business-critical applications such as email security in the case of SonicWall. In either scenario, organizations are subject to business risks and lost productivity. The faster an organization can identify the level of vulnerability, and if so, whether they were compromised, the better the chances of avoiding irrecoverable damage.</p>

Last edited 1 year ago by Jeff Costlow
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x