February 13, 2024 at 11:36AM
Ivanti’s VPN appliances have experienced widespread vulnerabilities, with slow incident response and delayed patch releases. This has led to criticism from cybersecurity experts and a federal mandate to disconnect Ivanti products from government systems. Ivanti’s reputation and customer trust are at stake, with uncertain prospects for recovery and continued caution advised by security professionals.
It seems that Ivanti’s VPN appliances have been widely vulnerable to cyberattacks, with multiple zero-day vulnerabilities disclosed and exploited in the wild. There are mixed views on Ivanti’s handling of these vulnerabilities, with some critics questioning the company’s security practices and incident response, while others acknowledge their efforts to find and disclose vulnerabilities.
The decision for enterprise cybersecurity teams will be whether to patch the vulnerabilities or follow CISA’s advice to disconnect Ivanti VPN appliances. However, patching has also been complicated by delays in Ivanti’s patching schedule and the inclusion of additional undisclosed bugs in some updates.
The situation has led to some confusion and loss of trust, with security experts cautioning against relying solely on reactive patching and advising organizations to engage in proactive testing of their own products and services.
Ivanti has vowed to address the flaws by conducting a full audit of its code, but there remains skepticism among cybersecurity experts about the company’s ability to recover and regain trust. As a result, enterprise security teams are advised to remain cautious in their approach to Ivanti’s products.
Overall, the meeting notes highlight the serious cybersecurity challenges facing Ivanti and the implications for enterprise cyber teams in deciding how to address the vulnerabilities.