The recent cybersecurity challenges faced by Ivanti’s VPN appliances have exposed the company to widespread vulnerabilities. With the threat actors discovering these risks, the enterprise cybersecurity teams are faced with making crucial decisions.
Ivanti recently disclosed five VPN flaws, including zero-day exploits, with two being publicly announced weeks before patches were made available. Cybersecurity researcher Jake Williams has expressed concerns about Ivanti’s slow response to these vulnerabilities and has suggested that it poses an existential threat to the business. He attributes the current issues faced by Ivanti to years-long neglect of secure coding and security testing.
According to Williams, in order to recover, Ivanti needs to address its technical debt and rebuild trust with its customers, a monumental task that he is skeptical the company can handle. Williams has raised doubts about Ivanti’s future as a reliable enterprise firewall brand, a sentiment that has been echoed widely on social media.
However, some have taken a more positive outlook by acknowledging Ivanti’s efforts to identify, fix, and disclose its product vulnerabilities. John Gallagher, vice president of Viakoo Labs, acknowledges that Ivanti is making strides to address its cybersecurity issues and deserves credit for them.
The cybersecurity landscape has left enterprise cybersecurity teams with a difficult choice. They must decide whether to patch the vulnerabilities or follow the advice given by the Cybersecurity and Infrastructure Security Agency (CISA) to disconnect Ivanti VPN appliances from their systems. However, patching has also been a challenging task, given the delayed patching schedule after zero-day vulnerabilities were disclosed.
The situation exacerbated when another vulnerability was disclosed, prompting CISA to issue a mandate for federal agencies to disconnect Ivanti products from their systems. This revelation has led to further skepticism about Ivanti’s cybersecurity practices.
In response, Ivanti has assured customers that it is conducting a full code audit and is committed to resolving the issues affecting its products. However, despite their efforts, there are lingering concerns about whether Ivanti will be able to restore its customers’ trust.
Ivanti’s cybersecurity woes have sent a clear message to cybersecurity teams, emphasizing the need for proactive identification and resolution of vulnerabilities in products and services. It is crucial for organizations to regularly engage in penetration testing to identify vulnerabilities before they are exploited.
As Ivanti continues to grapple with its cybersecurity challenges, enterprise security teams are advised to remain cautious. According to John Bambenek, president at Bambenek Consulting, it would be prudent for CISOs to avoid Ivanti for the time being until they have proven themselves again.
In conclusion, Ivanti’s cybersecurity challenges have cast a shadow of doubt over the company’s ability to recover and regain the trust of its customers. The current situation highlights the importance of proactive cybersecurity measures and the need for vendors to prioritize identifying and resolving vulnerabilities in their solutions. It remains to be seen whether Ivanti will be able to overcome these challenges and restore confidence in its cybersecurity practices.