CISA: US Govt Agencies, CI Orgs. Hit Via Pulse Secure Vulns – CISO Comments

CISA’s alert – Exploitation of Pulse Connect Secure Vulnerabilities – confirms that attackers breached US government agencies and other critical organizations by exploiting vulnerabilities in Pulse Secure products. “Since March 31, 2021, CISA assisted multiple entities whose vulnerable Pulse Connect Secure products have been exploited by a cyber threat actor.” The CISO of Shared Assessments, the member-driven leaders in third-party risk management tools and research, offers perspective.

Experts Comments

April 22, 2021
Matias Katz
CEO
Byos

The concept of a vulnerability on the perimeter highlights the need for adopting technologies that align with the notion of Zero Trust. Moving from a perimeter-based networking model to one with decentralized security through a micro-segmentation approach will help organizations minimize the impacts of security incidents.

April 22, 2021
Tom Garrubba
Senior Director and CISO
Shared Assessments

Regardless of whether it is an application performing business processing, a piece of network or server hardware, or a utility to assist in smoothing an operational process, bad code development and testing practices will always lead to vulnerabilities. Once the threat actors – and in this case, a nation state actor – identified the coding defects with Ivanti Pulse Connect Secure products, they jumped on the vulnerability and hijacked it to do things that it wasn’t originally programmed to do. The way to reduce this risk from affecting an organization is to require these providers to evidence that they follow secure coding practices. Such due diligence would include evidence of their code development, the performance of both static and dynamic code analysis, testing to ensure the code is secure and cannot be hijacked, and security around the deployment of the product.
